Penetration Testing mailing list archives
Re: [PEN-TEST] Mysql version utility
From: Jonathan Leto <jonathan () leto net>
Date: Sun, 29 Oct 2000 18:55:17 -0500
After ten "telnet 3306" you will be denied acces until they do a flush hosts because it is an invalid connect . Doesn't really matter, but for testing it is a pain in the ass. Also, you wouldn't know the protocol version. Jacob Martinson (jmartinson () aperian com) was saying:
why not just telnet to port 3306? -jacob -----Original Message----- From: Jonathan Leto [mailto:jonathan () LETO NET] Sent: Sunday, October 29, 2000 3:33 PM To: PEN-TEST () SECURITYFOCUS COM Subject: [PEN-TEST] Mysql version utility Hello all, I wrote a small utility to find out the version of mysql on a remote server.From some testing that I did, a lot of webhosting companies do not block theoutside world from the mysql port, which is generally a bad thing. Most of them were running old versions with the single character password vulnerability. http://www.leto.net/code/yoursql-0.3.tar.gz -- jonathan () leto net "With pain comes clarity."
-- jonathan () leto net "With pain comes clarity."
Current thread:
- [PEN-TEST] Mysql version utility Jonathan Leto (Oct 31)
- <Possible follow-ups>
- Re: [PEN-TEST] Mysql version utility Jacob Martinson (Oct 31)
- Re: [PEN-TEST] Mysql version utility Jonathan Leto (Oct 31)
- Re: [PEN-TEST] Mysql version utility Jacob Martinson (Oct 31)
- Re: [PEN-TEST] Mysql version utility Ted Behling (Oct 31)