Path: blob/master/modules/auxiliary/scanner/mysql/mysql_schemadump.rb
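##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'yaml'

# Auxiliary scanner that enumerates the databases, tables and columns visible
# to the authenticated MySQL account, reports each database as a note and
# stores the full schema as loot.
class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::MYSQL
  include Msf::Auxiliary::Report
  include Msf::Auxiliary::Scanner
  include Msf::OptionalSession::MySQL

  # Databases that are skipped when building the schema dump.
  SKIPPED_DATABASES = %w[information_schema mysql performance_schema test].freeze

  def initialize
    super(
      'Name' => 'MYSQL Schema Dump',
      'Description' => %Q{
          This module extracts the schema information from a
          MySQL DB server.
      },
      'Author' => ['theLightCosine'],
      'License' => MSF_LICENSE
    )

    register_options([
      OptBool.new('DISPLAY_RESULTS', [true, "Display the Results to the Screen", true])
    ])
  end

  # Dumps the schema of one target and records it.
  #
  # Reuses an existing session when one is set, otherwise logs in with the
  # datastore credentials and returns early if that login fails.
  #
  # @param ip [String] target address supplied by the scanner mixin; the
  #   connection's own peerhost/peerport are what get reported.
  def run_host(ip)
    # If we have a session make use of it
    if session
      print_status("Using existing session #{session.sid}")
      self.mysql_conn = session.client
    else
      # otherwise fallback to attempting to login
      return unless mysql_login_datastore
    end

    mysql_schema = get_schema
    mysql_schema.each do |db|
      report_note(
        :host => mysql_conn.peerhost,
        :type => "mysql.db.schema",
        :data => db,
        :port => mysql_conn.peerport,
        :proto => 'tcp',
        :update => :unique_data
      )
    end

    output = "MySQL Server Schema \n Host: #{mysql_conn.peerhost} \n Port: #{mysql_conn.peerport} \n ====================\n\n"
    # Every name in the dump was supplied by the remote server. YAML.dump only
    # serializes; tooling that reads the loot file back should parse it with
    # YAML.safe_load rather than an unrestricted loader.
    output << YAML.dump(mysql_schema)

    this_service = report_service(
      :host => mysql_conn.peerhost,
      :port => mysql_conn.peerport,
      :name => 'mysql',
      :proto => 'tcp'
    )
    # Named loot_path rather than `p` so the local does not shadow Kernel#p.
    loot_path = store_loot('mysql_schema', "text/plain", mysql_conn.peerhost, output, "#{mysql_conn.peerhost}_mysql_schema.txt", "MySQL Schema", this_service)
    print_good("Schema stored in: #{loot_path}")
    print_good output if datastore['DISPLAY_RESULTS']
  end

  # Builds the schema as an array of hashes, one per database:
  #   { 'DBName' => String, 'Tables' => [ { 'TableName' => String,
  #     'Columns' => [ { 'ColumnName' => ..., 'ColumnType' => ... } ] } ] }
  #
  # @return [Array<Hash>] empty when the database listing yields nothing.
  def get_schema
    mysql_schema = []
    res = mysql_query("show databases")
    # mysql_query comes from the included mixin and is not shown in this file;
    # guard against a nil result so a failed query does not raise NoMethodError.
    return mysql_schema unless res && res.size > 0

    res.each do |row|
      db_name = row[0]
      next if db_name.nil? || db_name.empty?
      next if SKIPPED_DATABASES.include?(db_name)

      tmp_db = { 'DBName' => db_name, 'Tables' => [] }
      get_tbl_names(db_name).each do |table_name|
        tmp_tbl = { 'TableName' => table_name, 'Columns' => [] }
        get_columns(db_name, table_name).each do |column|
          tmp_tbl['Columns'] << { 'ColumnName' => column[0], 'ColumnType' => column[1] }
        end
        tmp_db['Tables'] << tmp_tbl
      end
      mysql_schema << tmp_db
    end

    mysql_schema
  end

  # Gets all of the Tables names inside the given Database
  #
  # @param dbname [String] database name as returned by the server.
  # @return [Array<String>] table names; empty if the query returns nothing.
  def get_tbl_names(dbname)
    tables = []
    # The name is quoted because it is server-supplied text: unquoted, a name
    # containing '-', spaces or a reserved word breaks the statement.
    res = mysql_query("SHOW tables from #{quote_identifier(dbname)}")
    return tables unless res && res.size > 0

    res.each do |row|
      next if row[0].nil? || row[0].empty?

      tables << row[0]
    end
    tables
  end

  # Gets the column names and types of one table.
  #
  # @param db_name [String] database name as returned by the server.
  # @param tbl_name [String] table name as returned by the server.
  # @return [Array<Array>] [name, type] pairs; empty if the query returns nothing.
  def get_columns(db_name, tbl_name)
    columns = []
    res = mysql_query("desc #{quote_identifier(db_name)}.#{quote_identifier(tbl_name)}")
    return columns unless res && res.size > 0

    res.each do |row|
      next if row[0].nil? || row[0].empty?

      columns << [row[0], row[1]]
    end
    columns
  end

  private

  # Wraps a MySQL identifier in backticks, doubling any embedded backtick, so
  # the name is always parsed as a single identifier.
  #
  # @param name [#to_s] identifier to quote.
  # @return [String] the backtick-quoted identifier.
  def quote_identifier(name)
    "`#{name.to_s.gsub('`', '``')}`"
  end
end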