PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-09 06:01:28 +00:00
Code Issues Projects Releases Wiki Activity

o [NSE] Added checks for missing OpenSSL to MySQL scripts and library [Patrik]

Browse Source
This commit is contained in:
patrik
2010-03-09 20:27:48 +00:00
parent 1bc598fb25
commit 2a44a941af
6 changed files with 79 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
nselib/mysql.lua
View File

@@ -13,7 +13,11 @@
module(... or "mysql", package.seeall)
require 'openssl'
local HAVE_SSL = false
if pcall(require,'openssl') then
HAVE_SSL = true
end
Capabilities =
{
@@ -121,31 +125,41 @@ function receiveGreeting( socket )
end
--- Creates a hashed value of the password and salt according to MySQL authentication post version 4.1
--
-- @param pass string containing the users password
-- @param salt string containing the servers salt as obtained from <code>receiveGreeting</code>
-- @return reply string containing the raw hashed value
local function createLoginHash(pass, salt)
local hash_stage1 = openssl.sha1( pass )
local hash_stage2 = openssl.sha1( hash_stage1 )
local hash_stage3 = openssl.sha1( salt .. hash_stage2 )
local reply = ""
if HAVE_SSL then
--- Creates a hashed value of the password and salt according to MySQL authentication post version 4.1
--
-- @param pass string containing the users password
-- @param salt string containing the servers salt as obtained from <code>receiveGreeting</code>
-- @return reply string containing the raw hashed value
local function createLoginHash(pass, salt)
local hash_stage1 = openssl.sha1( pass )
local hash_stage2 = openssl.sha1( hash_stage1 )
local hash_stage3 = openssl.sha1( salt .. hash_stage2 )
local reply = ""
local pos, b1, b2, b3, _ = 1, 0, 0, 0
for pos=1, hash_stage1:len() do
_, b1 = bin.unpack( "C", hash_stage1, pos )
_, b2 = bin.unpack( "C", hash_stage3, pos )
reply = reply .. string.char( bit.bxor( b2, b1 ) )
end
return reply
local pos, b1, b2, b3, _ = 1, 0, 0, 0
for pos=1, hash_stage1:len() do
_, b1 = bin.unpack( "C", hash_stage1, pos )
_, b2 = bin.unpack( "C", hash_stage3, pos )
reply = reply .. string.char( bit.bxor( b2, b1 ) )
end
return reply
else
local function createLoginHash(pass, salt)
return nil
end
end
--- Attempts to Login to the remote mysql server
--
-- @param socket already connected to the remote server
@@ -166,6 +180,10 @@ function loginRequest( socket, params, username, password, salt )
local authversion = params.authversion or "post41"
local username = username or ""
if not(HAVE_SSL) then
return false, "No OpenSSL"
end
if authversion ~= "post41" then
return false, "Unsupported authentication version: " .. authversion
end