o [NSE] Added checks for missing OpenSSL to MySQL scripts and library [Patrik]

2025-12-09 14:11:29 +00:00 · 2010-03-09 20:27:48 +00:00
parent 1bc598fb25
commit 2a44a941af
6 changed files with 79 additions and 21 deletions
--- a/2
+++ b/2
@@ -2,6 +2,8 @@

 [NOT YET RELEASED]

+o [NSE] Added checks for missing OpenSSL to MySQL scripts and library [Patrik]
+
 o Made --resume work with recent changes to normal output. [jlanthea]

 o [NSE] Added the new snmp-interfaces script by Thomas Buchanan, which
--- a/nselib/mysql.lua
+++ b/nselib/mysql.lua
@@ -13,7 +13,11 @@

 module(... or "mysql", package.seeall)

-require 'openssl'
+local HAVE_SSL = false
+
+if pcall(require,'openssl') then
+  HAVE_SSL = true
+end

 Capabilities = 
 {
@@ -121,12 +125,15 @@ function receiveGreeting( socket )
 	
 end

--- Creates a hashed value of the password and salt according to MySQL authentication post version 4.1
--
-- @param pass string containing the users password
-- @param salt string containing the servers salt as obtained from <code>receiveGreeting</code>
-- @return reply string containing the raw hashed value
-local function createLoginHash(pass, salt)
+
+if HAVE_SSL then
+
+	--- Creates a hashed value of the password and salt according to MySQL authentication post version 4.1
+	--
+	-- @param pass string containing the users password
+	-- @param salt string containing the servers salt as obtained from <code>receiveGreeting</code>
+	-- @return reply string containing the raw hashed value
+	local function createLoginHash(pass, salt)

 		local hash_stage1 = openssl.sha1( pass )
 		local hash_stage2 = openssl.sha1( hash_stage1 )
@@ -144,8 +151,15 @@ local function createLoginHash(pass, salt)

 		return reply

+	end
+
+else
+	local function createLoginHash(pass, salt)
+		return nil
+	end
 end

+
 --- Attempts to Login to the remote mysql server
 --
 -- @param socket already connected to the remote server
@@ -166,6 +180,10 @@ function loginRequest( socket, params, username, password, salt )
 	local authversion = params.authversion or "post41"
 	local username = username or ""

+	if not(HAVE_SSL) then
+		return false, "No OpenSSL"
+	end	
+
 	if authversion ~= "post41" then
 		return false, "Unsupported authentication version: " .. authversion
 	end
--- a/scripts/mysql-brute.nse
+++ b/scripts/mysql-brute.nse
@@ -23,6 +23,15 @@ require 'unpwdb'
 -- Revised 01/23/2010 - v0.2 - revised by Patrik Karlsson, changed username, password loop, added credential storage for other mysql scripts, added timelimit
 -- Revised 01/23/2010 - v0.3 - revised by Patrik Karlsson, fixed bug showing account passwords detected twice

+-- ripped from ssh-hostkey.nse
+-- openssl is required for this script
+if not pcall(require,"openssl") then
+	portrule = function() return false end
+  	action = function() end
+  	stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.", filename )
+  	return;
+end
+
 portrule = shortport.port_or_service(3306, "mysql")

 action = function( host, port )
--- a/scripts/mysql-databases.nse
+++ b/scripts/mysql-databases.nse
@@ -26,6 +26,16 @@ require 'mysql'

 dependencies = {"mysql-brute", "mysql-empty-password"}

+-- ripped from ssh-hostkey.nse
+-- openssl is required for this script
+if not pcall(require,"openssl") then
+	portrule = function() return false end
+  	action = function() end
+  	stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.", filename )
+  	return;
+end
+
+
 -- Version 0.1
 -- Created 01/23/2010 - v0.1 - created by Patrik Karlsson

--- a/scripts/mysql-users.nse
+++ b/scripts/mysql-users.nse
@@ -32,6 +32,15 @@ dependencies = {"mysql-brute", "mysql-empty-password"}
 -- Version 0.1
 -- Created 01/23/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>

+-- ripped from ssh-hostkey.nse
+-- openssl is required for this script
+if not pcall(require,"openssl") then
+	portrule = function() return false end
+  	action = function() end
+  	stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.", filename )
+  	return;
+end
+
 portrule = shortport.port_or_service(3306, "mysql")

 action = function( host, port )
--- a/scripts/mysql-variables.nse
+++ b/scripts/mysql-variables.nse
@@ -40,6 +40,16 @@ dependencies = {"mysql-brute", "mysql-empty-password"}
 -- Version 0.1
 -- Created 01/23/2010 - v0.1 - created by Patrik Karlsson <patrik@cqure.net>

+-- ripped from ssh-hostkey.nse
+-- openssl is required for this script
+if not pcall(require,"openssl") then
+	portrule = function() return false end
+  	action = function() end
+  	stdnse.print_debug( 3, "Skipping %s script because OpenSSL is missing.", filename )
+  	return;
+end
+
+
 portrule = shortport.port_or_service(3306, "mysql")

 action = function( host, port )