Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

r36187 broke auth in mysql.lua (protocol version 10) #596

cldrn opened this issue Nov 29, 2016 · 1 comment

r36187 broke auth in mysql.lua (protocol version 10) #596

cldrn opened this issue Nov 29, 2016 · 1 comment


Copy link

cldrn commented Nov 29, 2016

I just noticed mysql-brute is not working. Something broke authentication in r36187. Scripts works correctly if I revert to r35858.

Tested on MySQL 5.7.13 using protocol version 10.

3306/tcp open mysql MySQL 5.7.13-0ubuntu0.16.04.2
| mysql-info:
| Protocol: 10
| Version: 5.7.13-0ubuntu0.16.04.2
| Thread ID: 150089
| Capabilities flags: 63487
| Some Capabilities: DontAllowDatabaseTableColumn, LongPassword, IgnoreSigpipes, LongColumnFlag, SupportsTransactions, Speaks41ProtocolOld, FoundRows, SupportsCompression, InteractiveClient, Support41Auth, ConnectWithDatabase, ODBCClient, SupportsLoadDataLocal, IgnoreSpaceBeforeParenthesis, Speaks41ProtocolNew, SupportsMultipleResults, SupportsMultipleStatments, SupportsAuthPlugins
| Status: Autocommit
|_ Auth Plugin Name: 96

Copy link

@cldrn Thanks for pointing this out! A couple observations, and I hope someone can quickly diagnose:

  1. We also apparently need to strip carriage returns ('\r') from the Salt when reporting that. That's the weird jumbled-up line after "Status: Autocommit"
  2. For future reference, the commit in question is 8c10485, which fixed wrongfully reading version #529

suraj51k pushed a commit to suraj51k/nmap that referenced this issue Jan 31, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
None yet

No branches or pull requests

2 participants