GithubHelp home page GithubHelp logo

rmb122 / rogue_mysql_server Goto Github PK

View Code? Open in Web Editor NEW
662.0 662.0 75.0 268 KB

A rouge mysql server supports reading files from most mysql libraries of multiple programming languages.

License: MIT License

Go 99.77% Java 0.12% Shell 0.01% PHP 0.05% Python 0.02% Makefile 0.02%
expliot mysql vulnerability

rogue_mysql_server's People

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

fhgzs heartway iiiusky coffeehb bbghunter daybr4ak simlelcf r4b3rt eason-a8 icysun nan3r fbion secoba kungia09 silentsoul04 windows1988 p0desta fadinglr lzb960827 pyking n4ttt n0maj1o24 yekainew arnoldqqq phil-fly lzy1102 izj007 sry309 ajinwu daveqqq diggid4ever jidoer balalah yangbh z0edff0x3d dirchen-admin ekixu 1nhann nanaao sftrwo dummykitty ctrlaltdelet 5l1v3r1 little-gu atlassion raspberryhusky anqisec raindouble chi1ld meowwbox gysf666 trackscorer nnnnnr carr0t2 juneman brianwei1997 mmioimm cckuailong mssky9527 iq-scm dzero57 secloop sobinge devil-baal lz1998 am-ev xiaobai219 tovd-go mskky yemoli

rogue_mysql_server's Issues

部分库以及失效,无法编译

go: downloading vitess.io/vitess v3.0.0-rc.3.0.20190602171040-12bfde34629c+incompatible
go: downloading golang.org/x/net v0.0.0-20200602114024-627f9648deb9
rogue_mysql_server imports
vitess.io/vitess/go/sqltypes: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
golang.org/x/net/context: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/bucketpool: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/netutil: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/stats: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/sync2: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/tb: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/vt/proto/binlogdata: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/vt/proto/query: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/vt/proto/replicationdata: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/vt/proto/vtrpc: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/vt/sqlparser: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/vt/vterrors: zip: not a valid zip file
rogue_mysql_server imports
rogue_mysql_server/mysql imports
vitess.io/vitess/go/vt/vttls: zip: not a valid zip file

no such file or directory

Config read error: open /var/folders/nf/vmh0lyh139n39s3p0t2tbnzr0000gp/T/go-build2643144021/b001/exe/config.yaml: no such file or directory

读取文件不存在导致程序卡住

config.yaml中file_list: ["/etc/passwd", "C:/boot.ini",”xxxxxx“],当某个文件不存在时读取导致程序卡住以至于无法读取后面的文件,尝试跳过没有解决,请问有没有好的解决思路

time="2021-08-04 14:01:56" level=info msg="Server started at [0.0.0.0:3306]"
time="2021-08-04 14:02:31" level=info msg="New client from addr [[::1]:1037] logged in with username [root], ID [1]"
time="2021-08-04 14:02:31" level=info msg="==== ATTRS ===="
time="2021-08-04 14:02:31" level=info msg="[_thread]: [12980]"
time="2021-08-04 14:02:31" level=info msg="[_platform]: [AMD64]"
time="2021-08-04 14:02:31" level=info msg="[_client_version]: [10.1.46]"
time="2021-08-04 14:02:31" level=info msg="[_os]: [Win64]"
time="2021-08-04 14:02:31" level=info msg="[_client_name]: [libmysql]"
time="2021-08-04 14:02:31" level=info msg="[pid]: [21632]"
time="2021-08-04 14:02:31" level=info msg="==============="
time="2021-08-04 14:02:31" level=info msg="Client from addr [[::1]:1037], ID [1] try to query [SET NAMES utf8mb4]"
time="2021-08-04 14:02:31" level=info msg="Now try to read file [/etc/passwd] from addr [[::1]:1037], ID [1]"
time="2021-08-04 14:02:31" level=info msg="Read failed, file may not exist in client"
time="2021-08-04 14:02:31" level=info msg="Client from addr [[::1]:1037], ID [1] try to query [SHOW VARIABLES LIKE 'lower_case%']"
time="2021-08-04 14:02:31" level=info msg="Now try to read file [C:/boot.ini] from addr [[::1]:1037], ID [1]"
time="2021-08-04 14:02:31" level=info msg="Read failed, file may not exist in client"
time="2021-08-04 14:02:31" level=info msg="Client from addr [[::1]:1037], ID [1] try to query [ SHOW VARIABLES LIKE 'sql_mode']"

不会按照顺序依次读取文件

配置file_list: ["/etc/passwd", "C:/boot.ini"]

使用windows客户端连接mysql,只会读取/etc/passwd,文件不存在就不会继续读取c:/boot.ini文件

image

编译失败 

mysql/slave_status.go:45:23: unknown field 'SlaveIoRunning' in struct literal of type replicationdata.Status
mysql/slave_status.go:46:24: unknown field 'SlaveSqlRunning' in struct literal of type replicationdata.Status
mysql/slave_status.go:62:31: s.SlaveIoRunning undefined (type *replicationdata.Status has no field or method SlaveIoRunning)
mysql/slave_status.go:63:31: s.SlaveSqlRunning undefined (type *replicationdata.Status has no field or method SlaveSqlRunning)

在 vitess库里面没有这两个字段 https://github.com/vitessio/vitess/blob/master/go/vt/proto/replicationdata/replicationdata.pb.go#L52

Go1.15 运行失败

command-line-arguments

./main.go:194:43: undefined: schemaToFields
./main.go:194:58: undefined: Schema
./main.go:198:37: undefined: rowToSQL
./main.go:198:46: undefined: Row
./main.go:203:18: undefined: getMysqlVars

java jdbc 8.0.x 读不到文件

报错信息如下“

Exception in thread "main" java.sql.SQLSyntaxErrorException: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '/* mysql-connector-java-8.0.17 (Revision: 16a712ddb3f826a1933ab42b0039f7fb9eebc6ec) */SELECT  @@session.auto_increment_increment AS auto_increment_increment, @@character_set_client AS character_set_client, @@character_set_connection AS character_set_connection, @@character_set_results AS character_set_results, @@character_set_server AS character_set_server, @@collation_server AS collation_server, @@collation_connection AS collation_connection, @@init_connect AS init_connect, @@interactive_timeout AS interactive_timeout, @@license AS license, @@lower_case_table_names AS lower_case_table_names, @@max_allowed_packet AS max_allowed_packet, @@net_write_timeout AS net_write_timeout, @@performance_schema AS performance_schema, @@sql_mode AS sql_mode, @@system_time_zone AS system_time_zone, @@time_zone AS time_zone, @@transaction_isolation AS transaction_isolation, @@wait_timeout AS wait_timeout' at line 1
 at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:120)
 at com.mysql.cj.jdbc.exceptions.SQLError.createSQLException(SQLError.java:97)
 at com.mysql.cj.jdbc.exceptions.SQLExceptionsMapping.translateException(SQLExceptionsMapping.java:122)
 at com.mysql.cj.jdbc.ConnectionImpl.createNewIO(ConnectionImpl.java:827)
 at com.mysql.cj.jdbc.ConnectionImpl.<init>(ConnectionImpl.java:447)
 at com.mysql.cj.jdbc.ConnectionImpl.getInstance(ConnectionImpl.java:237)
 at com.mysql.cj.jdbc.NonRegisteringDriver.connect(NonRegisteringDriver.java:199)
 at java.sql.DriverManager.getConnection(DriverManager.java:664)
 at java.sql.DriverManager.getConnection(DriverManager.java:247)
 at Test.main(Test.java:12)

服务端日志如下,可以看到连接信息,但是读不到文件
image

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.