mysql NSE Library — Nmap Scripting Engine documentation (original) (raw)

Functions

Simple MySQL Library supporting a very limited subset of operations.

https://dev.mysql.com/doc/internals/en/client-server-protocol.html

Author:

Copyright © Same as Nmap--See https://nmap.org/book/man-legal.html

Source: https://svn.nmap.org/nmap/nselib/mysql.lua

Functions

decodeDataPackets (data, count)

Decodes the row data

decodeField (data, pos)

Decodes a single column field

decodeFieldPackets (data, count)

Decodes as field packet and returns a table of field tables

decodeQueryResponse (socket)

Decodes the result set header packet into its sub components

formatResultset (rs, options)

Formats the resultset returned from sqlQuery

loginRequest (socket, params, username, password, salt)

Attempts to Login to the remote mysql server

receiveGreeting (socket)

Receives the server greeting upon initial connection

sqlQuery (socket, query)

Sends the query to the MySQL server and then attempts to decode the response

Functions

decodeDataPackets (data, count)

Decodes the row data

ref: http://forge.mysql.com/wiki/MySQL_Internals_ClientServer_Protocol#Row_Data_Packet

Parameters

data

string containing the row data packet

count

number containing the number of fields to decode

Return values:

  1. status true on success, false on failure
  2. rows table containing row tables

decodeField (data, pos)

Decodes a single column field

http://forge.mysql.com/wiki/MySQL_Internals_ClientServer_Protocol#Field_Packet

Parameters

data

string containing field packets

pos

number containing position from which to start decoding the position should point to the data in this buffer (ie. after the header)

Return values:

  1. pos number containing the position after the field was decoded
  2. field table containing catalog, database, table,origt_table, name, orig_name,length and type

decodeFieldPackets (data, count)

Decodes as field packet and returns a table of field tables

ref: http://forge.mysql.com/wiki/MySQL_Internals_ClientServer_Protocol#Field_Packet

Parameters

data

string containing field packets

count

number containing the amount of fields to decode

Return values:

  1. status boolean (true on success, false on failure)
  2. fields table containing field tables as returned by decodeField or string containing error message if status is false

decodeQueryResponse (socket)

Decodes the result set header packet into its sub components

ref: http://forge.mysql.com/wiki/MySQL_Internals_ClientServer_Protocol#Result_Set_Header_Packet

Parameters

socket

socket already connected to MySQL server

Return value:

table containing the following header, fields and data

formatResultset (rs, options)

Formats the resultset returned from sqlQuery

Parameters

rs

table as returned from sqlQuery

options

table containing additional options, currently: - noheaders - does not include column names in result

Return value:

string containing the formatted resultset table

loginRequest (socket, params, username, password, salt)

Attempts to Login to the remote mysql server

Parameters

socket

already connected to the remote server

params

table with additional options to the loginrequest current supported fields are charset and authversion authversion is either "pre41" or "post41" (default is post41) currently only post41 authentication is supported

username

string containing the username of the user that is authenticating

password

string containing the users password or nil if empty

salt

string containing the servers salt as received from receiveGreeting

Return values:

  1. status boolean
  2. response table or error message on failure

receiveGreeting (socket)

Receives the server greeting upon initial connection

Parameters

socket

already connected to the remote server

Return values:

  1. status true on success, false on failure
  2. response table with the following fields proto, version,threadid, salt, capabilities, charset andstatus or error message on failure (status == false)

sqlQuery (socket, query)

Sends the query to the MySQL server and then attempts to decode the response

Parameters

socket

socket already connected to mysql

query

string containing the sql query

Return values:

  1. status true on success, false on failure
  2. rows table containing row tables as decoded by decodeDataPackets