/metasploit-framework

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update for MySQL 5.7 and above #9525

Merged
merged 1 commit into from Feb 8, 2018

Conversation

Reviewers
No reviews
Assignees

@busterb busterb

Labels
Projects
None yet
Milestone
No milestone
3 participants
@OsandaMalith @busterb @allrosenthal-r7
@OsandaMalith
Contributor

OsandaMalith commented Feb 8, 2018

Starting from MySQL 5.7 the 'password' column was changed to 'authentication_string'. I've added a check to determine the version. If the version is higher than 5.6 the column 'authentication_string' will be used instead of 'password'. Tested on both MySQL 5.6 and 5.7.

The bug due to non existence of 'password' column in MySQL 5.7:

hashdump
@OsandaMalith
Update for MySQL 5.7 and above 
Starting from MySQL 5.7 the password column was changed to authentication_string. I've added a check to determine the version. Tested on both MySQL 5.6 and 5.7.
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
00ead05
@busterb

This comment has been minimized.

Sign in to view
Contributor

busterb commented Feb 8, 2018

@OsandaMalith you'll want to check the result of the automated checks above and resolve them. To test locally, run ./tools/dev/msftidy.rb modules/auxiliary/scanner/mysql/mysql_hashdump.rb

@busterb busterb added module bug enhancement labels Feb 8, 2018

@busterb busterb self-assigned this Feb 8, 2018

@busterb busterb merged commit 00ead05 into rapid7:master Feb 8, 2018
1 check failed

1 check failed

continuous-integration/travis-ci/pr The Travis CI build could not complete due to an error
Details

busterb added a commit that referenced this pull request Feb 8, 2018

@busterb
Land #9525, Update mysql_hashdump for MySQL 5.7 and above
Verified
This commit was signed with a verified signature.
@busterb busterb Brent Cook
GPG key ID: 1FFAA0B24B708F96 Learn about signing commits
44b08fe
@busterb

This comment has been minimized.

Sign in to view
Contributor

busterb commented Feb 8, 2018

See 1bb5499, I went ahead and fixed some of the minor style issues in the module and made the linter happy.

Thanks a lot for the update @OsandaMalith !

jmartin-r7 added a commit to jmartin-r7/metasploit-framework that referenced this pull request Feb 12, 2018

@busterb @jmartin-r7
Land rapid7#9525, Update mysql_hashdump for MySQL 5.7 and above
Verified
This commit was signed with a verified signature.
@jmartin-r7 jmartin-r7 Jeffrey Martin
GPG key ID: 0CD9BBC2AF15F171 Learn about signing commits
32bd516
@allrosenthal-r7

This comment has been minimized.

Sign in to view

allrosenthal-r7 commented Feb 27, 2018

@busterb can you please add release notes to the PR?
@allrosenthal-r7

This comment has been minimized.

Sign in to view

allrosenthal-r7 commented Feb 28, 2018

Release Notes

This fix resolves an issue caused by renaming the 'password' column as 'authentication_string' in MySQL version 5.7 and onwards. The auxiliary/scanner/mysql/mysql_hashdump module now checks the MySQL version and uses the appropriate name for the column.

@allrosenthal-r7 allrosenthal-r7 added the rn-fix label Feb 28, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment