infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add a mysql mixin that wraps ruby-mysql (tmtm.org) 

git-svn-id: file:///home/svn/framework3/trunk@7977 4d416f70-5f16-0410-b530-b9f4589650da
unstable
HD Moore 2009-12-26 05:21:21 +00:00
parent ec9bc73e0f
commit 4331c111f1
3 changed files with 77 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/msf/core/exploit/mixins.rb
View File

@ -25,6 +25,7 @@ require 'msf/core/exploit/dcerpc'
require 'msf/core/exploit/sunrpc' require 'msf/core/exploit/sunrpc'
require 'msf/core/exploit/mssql' require 'msf/core/exploit/mssql'
require 'msf/core/exploit/mssql_commands' require 'msf/core/exploit/mssql_commands'
require 'msf/core/exploit/mysql'
require 'msf/core/exploit/snmp' require 'msf/core/exploit/snmp'
require 'msf/core/exploit/arkeia' require 'msf/core/exploit/arkeia'
require 'msf/core/exploit/ndmp' require 'msf/core/exploit/ndmp'

75
lib/msf/core/exploit/mysql.rb Normal file
View File

@ -0,0 +1,75 @@
##
# $Id$
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/framework/
##
###
# This module provides methods for communicating with a host running MySQL.
###
require 'msf/core'
require 'rbmysql'
module Msf
module Exploit::Remote::MYSQL
include Exploit::Remote::Tcp
def initialize(info = {})
super
register_options(
[
Opt::RHOST,
Opt::RPORT(3306),
OptString.new('MYSQL_USER', [ true, 'The username to authenticate as', 'root']),
OptString.new('MYSQL_PASS', [ false, 'The password for the specified username', '']),
], Msf::Exploit::Remote::MYSQL
)
end
def mysql_login(user='root', pass='', db=nil)
disconnect if self.sock
connect
@mysql_handle = ::RbMysql.connect({
:host => rhost,
:port => rport,
:socket => sock,
:user => user,
:password => pass,
:db => db
})
end
def mysql_logoff
@mysql_handle = nil if @mysql_handle
disconnect if self.sock
end
def mysql_login_datastore
mysql_login(datastore['MYSQL_USER'], datastore['MYSQL_PASS'])
end
def mysql_query(sql)
res = nil
begin
res = @mysql_handle.query(sql)
rescue ::RbMysql::Error => e
print_error("MySQL Error: #{e.class} #{e.to_s}")
return
end
res
end
end
end

2
lib/rbmysql/protocol.rb
View File

@ -506,7 +506,7 @@ class RbMysql
# If values is [1, nil, 2, 3, nil] then returns "\x12"(0b10010). # If values is [1, nil, 2, 3, nil] then returns "\x12"(0b10010).
def null_bitmap(values) def null_bitmap(values)
bitmap = values.enum_for(:each_slice,8).map do |vals| bitmap = values.enum_for(:each_slice,8).map do |vals|
vals.reverse.inject(0){|b, v|(b<<1 | (v ? 0 : 1))} vals.reverse.inject(0){|b, v|(b << 1 | (v ? 0 : 1))}
end end
return bitmap.pack("C*") return bitmap.pack("C*")
end end