Metasploit mailing list archives
Re: mysql_enum and mysql_sql error
From: Amin <amin () zitune ch>
Date: Thu, 07 Jan 2010 12:22:13 +0100
OK, there seems to be a problem using unix-sockets. We can force msf to use tcp sockets by specifying RHOST to something different then 'localhost' or '127.0.0.1' and by setting
a corresponding /etc/hosts entry. msf auxiliary(mysql_sql) > set RHOST foohost RHOST => foohost msf auxiliary(mysql_sql) > run [*] Sending statement: 'select version()'... [*] | 5.1.42 | [*] Auxiliary module execution completed mysql_enum still fails: msf auxiliary(mysql_sql) > set RHOST foohost RHOST => foohost msf auxiliary(mysql_enum) > run [*] Running MySQL Enumerator... [*] Enumerating Parameters [*] MySQL Version: 5.1.42 [*] Compiled for the following OS: pc-linux-gnu [*] Architecture: i686 [*] Server Hostname: bt [*] Data Directory: /usr/local/mysql/data/ [*] Logging of queries and logins: OFF [*] Old Password Hashing Algorithm OFF [*] Loading of local files: ON [*] Logins with old Pre-4.1 Passwords: OFF [*] Allow Use of symlinks for Database Files: YES [*] Allow Table Merge: [*] SSL Connection: DISABLED [*] Enumerating Accounts: [-] Auxiliary failed: NoMethodError undefined method `count' for #<RbMysql::SimpleQueryResult:0xb5d4104c> [-] Call stack: [-] (eval):84:in `run' [*] Auxiliary module execution completed Bugfix: Use res.size instead of res.count in mysql_enum.rb. Quoting Amin <amin () zitune ch>:
Hi All, the auxiliary/admin/mysql/mysql_sql and auxiliary/admin/mysql/mysql_enum modules fail to connect to the mysql server. What am i missing here? Meilleurs salutations, Amin -------------------------------------------------- _ _ _ | | (_)_ ____ ____| |_ ____ ___ ____ | | ___ _| |_ | \ / _ ) _)/ _ |/___) _ \| |/ _ \| | _) | | | ( (/ /| |_( ( | |___ | | | | | |_| | | |__ |_|_|_|\____)\___)_||_(___/| ||_/|_|\___/|_|\___) |_| =[ metasploit v3.3.4-dev [core:3.3 api:1.0] + -- --=[ 490 exploits - 225 auxiliary + -- --=[ 192 payloads - 23 encoders - 8 nops =[ svn r8082 updated today (2010.01.07) msf > use auxiliary/scanner/mysql/version msf auxiliary(version) > set RHOSTS localhost RHOSTS => localhost msf auxiliary(version) > run [*] 127.0.0.1:3306 is running MySQL 5.1.42 (protocol 10) [*] Scanned 1 of 1 hosts (100% complete) [*] Auxiliary module execution completed msf auxiliary(version) > back msf > use auxiliary/scanner/mysql/mysql_login msf auxiliary(mysql_login) > set RHOSTS localhost RHOSTS => localhost msf auxiliary(mysql_login) > set MYSQL_PASS Cothiew1 MYSQL_PASS => Cothiew1 msf auxiliary(mysql_login) > run [*] 127.0.0.1:3306 successful logged in as 'root' with password 'Cothiew1' [*] Scanned 1 of 1 hosts (100% complete) [*] Auxiliary module execution completed msf auxiliary(mysql_login) > back msf > use auxiliary/admin/mysql/mysql_sql msf auxiliary(mysql_sql) > setg RHOST localhost RHOST => localhost msf auxiliary(mysql_sql) > setg MYSQL_PASS Cothiew1 MYSQL_PASS => Cothiew1 msf auxiliary(mysql_sql) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- MYSQL_PASS Cothiew1 no The password for the specified username MYSQL_USER root yes The username to authenticate as RHOST localhost yes The target address RPORT 3306 yes The target port SQL select version() yes The SQL to execute. msf auxiliary(mysql_sql) > run [-] Auxiliary failed: TypeError can't convert Socket into String [-] Call stack: [-] /root/msf/lib/rbmysql/protocol.rb:191:in `initialize' [-] /root/msf/lib/rbmysql/protocol.rb:191:in `new' [-] /root/msf/lib/rbmysql/protocol.rb:191:in `initialize' [-] /usr/lib/ruby/1.8/timeout.rb:48:in `timeout' [-] /root/msf/lib/rbmysql/protocol.rb:188:in `initialize' [-] /root/msf/lib/rbmysql.rb:148:in `new' [-] /root/msf/lib/rbmysql.rb:148:in `connect' [-] /root/msf/lib/rbmysql.rb:88:in `connect' [-] /root/msf/lib/msf/core/exploit/mysql.rb:42:in `mysql_login' [-] /root/msf/lib/msf/core/exploit/mysql.rb:58:in `mysql_login_datastore' [-] (eval):39:in `run' [*] Auxiliary module execution completed msf auxiliary(mysql_sql) > back msf > use auxiliary/admin/mysql/mysql_enum msf auxiliary(mysql_enum) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- MYSQL_PASS Cothiew1 no The password for the specified username MYSQL_USER root yes The username to authenticate as RHOST localhost yes The target address RPORT 3306 yes The target port SQL select version() yes The SQL to execute. msf auxiliary(mysql_sql) > run [-] Auxiliary failed: TypeError can't convert Socket into String [-] Call stack: [-] /root/msf/lib/rbmysql/protocol.rb:191:in `initialize' [-] /root/msf/lib/rbmysql/protocol.rb:191:in `new' [-] /root/msf/lib/rbmysql/protocol.rb:191:in `initialize' [-] /usr/lib/ruby/1.8/timeout.rb:48:in `timeout' [-] /root/msf/lib/rbmysql/protocol.rb:188:in `initialize' [-] /root/msf/lib/rbmysql.rb:148:in `new' [-] /root/msf/lib/rbmysql.rb:148:in `connect' [-] /root/msf/lib/rbmysql.rb:88:in `connect' [-] /root/msf/lib/msf/core/exploit/mysql.rb:42:in `mysql_login' [-] /root/msf/lib/msf/core/exploit/mysql.rb:58:in `mysql_login_datastore' [-] (eval):39:in `run' [*] Auxiliary module execution completed msf auxiliary(mysql_sql) > back msf > use auxiliary/admin/mysql/mysql_enum msf auxiliary(mysql_enum) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- MYSQL_PASS Cothiew1 no The password for the specified username MYSQL_USER root yes The username to authenticate as RHOST localhost yes The target address RPORT 3306 yes The target port msf auxiliary(mysql_enum) > run [-] Auxiliary failed: TypeError can't convert Socket into String [-] Call stack: [-] /root/msf/lib/rbmysql/protocol.rb:191:in `initialize' [-] /root/msf/lib/rbmysql/protocol.rb:191:in `new' [-] /root/msf/lib/rbmysql/protocol.rb:191:in `initialize' [-] /usr/lib/ruby/1.8/timeout.rb:48:in `timeout' [-] /root/msf/lib/rbmysql/protocol.rb:188:in `initialize' [-] /root/msf/lib/rbmysql.rb:148:in `new' [-] /root/msf/lib/rbmysql.rb:148:in `connect' [-] /root/msf/lib/rbmysql.rb:88:in `connect' [-] /root/msf/lib/msf/core/exploit/mysql.rb:42:in `mysql_login' [-] /root/msf/lib/msf/core/exploit/mysql.rb:58:in `mysql_login_datastore' [-] (eval):39:in `run' [*] Auxiliary module execution completed msf auxiliary(mysql_enum) > _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- mysql_enum and mysql_sql error Amin (Jan 07)
- Re: mysql_enum and mysql_sql error Amin (Jan 07)
- Re: mysql_enum and mysql_sql error (patches) Amin (Jan 07)
- Re: mysql_enum and mysql_sql error (patches) Carlos Perez (Jan 07)
- Re: mysql_enum and mysql_sql error (patches) Amin (Jan 07)
- Re: mysql_enum and mysql_sql error Amin (Jan 07)