New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update for MySQL 5.7 and above #9525

Merged
merged 1 commit into from Feb 8, 2018

Conversation

Projects
None yet
3 participants
@OsandaMalith
Contributor

OsandaMalith commented Feb 8, 2018

Starting from MySQL 5.7 the 'password' column was changed to 'authentication_string'. I've added a check to determine the version. If the version is higher than 5.6 the column 'authentication_string' will be used instead of 'password'. Tested on both MySQL 5.6 and 5.7.

The bug due to non existence of 'password' column in MySQL 5.7:

hashdump

Update for MySQL 5.7 and above
Starting from MySQL 5.7 the password column was changed to authentication_string. I've added a check to determine the version. Tested on both MySQL 5.6 and 5.7.
@busterb

This comment has been minimized.

Contributor

busterb commented Feb 8, 2018

@OsandaMalith you'll want to check the result of the automated checks above and resolve them. To test locally, run ./tools/dev/msftidy.rb modules/auxiliary/scanner/mysql/mysql_hashdump.rb

@busterb busterb self-assigned this Feb 8, 2018

@busterb busterb merged commit 00ead05 into rapid7:master Feb 8, 2018

1 check failed

continuous-integration/travis-ci/pr The Travis CI build could not complete due to an error
Details

busterb added a commit that referenced this pull request Feb 8, 2018

@busterb

This comment has been minimized.

Contributor

busterb commented Feb 8, 2018

See 1bb5499, I went ahead and fixed some of the minor style issues in the module and made the linter happy.

Thanks a lot for the update @OsandaMalith !

jmartin-r7 added a commit to jmartin-r7/metasploit-framework that referenced this pull request Feb 12, 2018

@allrosenthal-r7

This comment has been minimized.

allrosenthal-r7 commented Feb 27, 2018

@busterb can you please add release notes to the PR?

@allrosenthal-r7

This comment has been minimized.

allrosenthal-r7 commented Feb 28, 2018

Release Notes

This fix resolves an issue caused by renaming the 'password' column as 'authentication_string' in MySQL version 5.7 and onwards. The auxiliary/scanner/mysql/mysql_hashdump module now checks the MySQL version and uses the appropriate name for the column.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment