mysql ssl error
ehanhalici opened this issue · 10 comments
i have some problems with mysql. I'm running the mysql honeypot like this;
python3 mysql_server.py --custom --port 3306
then i try to connect with mysql client;
mysql -h 0.0.0.0 -p 3306 --user=test
it returns this error code;
ERROR 2026 (HY000): SSL connection error: error:00000000:lib(0):func(0):reason(0)
than i try this;
mysql -h 0.0.0.0 -p 3306 --user=root --ssl-mode=DISABLED
now current error is;
ERROR 2000 (HY000): Unknown MySQL error
When I debug the code's errors it handles the connectionMade function. then connectionLost works. I can't get username and password because dataReceived is not working.
Hi @ehanhalici Thanks for opening this issue. If you figure out why and found a fix submit it as PR. Otherwise, I will take a look into this next week!
i found this error. parse_data fuction is return False
index out of range
I added try-except in check_bytes function. This is output
'utf-8' codec can't decode byte 0x8a in position 2: invalid start byte
but I don't know how to convert it to what format
This is the data received when the message from the client is captured by dataReceived.
b'\x00\x00\x01\x8d\xae\xff\x19\x00\x00\x00\x01\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
However, in another code, when we concatenate messages with loop, the following is the result.
b'\x00\x00\x01\x8d\xae\xff\x19\x00\x00\x00\x01\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00' b'\x00\x00\x00\x00' b'\x16\x03\x01\x01 \x01\x00\x01\x1c\x03\x03\xee\x11O\xf0\\1\xba\xb5\xbc\xdaW\n~\xa6s"\x1c\x15\x0f(\x0b' b'\xee\x012\xa4b\x04\xe4\xa5V\x0b> <:\xa0\xb3\x9d\x04Y\x86\xecy\x1e \xab\xa35\xcbU\xf1\x14\xf7' b"4\xcb\xe9\xae\xb9\x07\x8cf@\x9a\xc4\x00H\x13\x02\x13\x03\x13\x01\xc0+\xc0,\xc0/\xc0#\xc0'\xc00" b'\xc0$\xc0(\x00\x9e\x00\xa2\x00g\x00@\x00\xa3\x00k\x00j\x00\x9f\xc0\x13\xc0\t\xc0\x14\xc0\n\x002\x003' b'\x008\x009\x005\x00\x84\x00A\x00\x9c\x00\x9d\x00<\x00=\x00/\x00\xff\x01\x00\x00\x8b\x00\x0b\x00\x04\x03\x00' b'\x01\x02\x00\n\x00\x0c\x00\n\x00\x1d\x00\x17\x00\x1e\x00\x19\x00\x18\x00#\x00\x00\x00\x16\x00\x00\x00\x17\x00\x00\x00\r' b'\x00*\x00(\x04\x03\x05\x03\x06\x03\x08\x07\x08\x08\x08\t\x08\n\x08\x0b\x08\x04\x08\x05\x08\x06\x04\x01\x05\x01\x06\x01' b'\x03\x03\x03\x01\x03\x02\x04\x02\x05\x02\x06\x02\x00+\x00\x05\x04\x03\x04\x03\x03\x00-\x00\x02\x01\x01\x003\x00&\x00' b'$\x00\x1d\x00 f\xd3\x0b\xc5\xa4man\x1el\x8b9\xe3_\xcb\xcb\x85\xeb\x83\x9d\x8f\xf8\x87\x81\xf8+\t' b'\x9b\xc1\x01%\x1e'
Is there a way to tell reactor to wait for all data?
I'm looking
@ehanhalici the issue will be fixed soon! Thanks for sharing the details
I checked the new update. yes it is working but returns this message :
ERROR 1040 (08004): Too many connections
It would be better if this message returns
ERROR 1045 (28000): Access denied for user 'test'@'127.0.0.1' (using password: YES)
but this is no problem. i close this issue
@ehanhalici I'm going to add a custom Access denied for wrong password, and keep Too many connections for good password.
Thank you for your interest
Done, and fixed other issues too
python3 mysql_server.py --custom --port 3306 --password correctpasswordWrong password
mysql -h 0.0.0.0 -p 3306 --user=test --password=wrongpasswordMysql Honeypot
[2021-12-16 13:00:39] [mysql] [connection] -> {"ip": "127.0.0.1", "port": "51080"}
[2021-12-16 13:00:39] [mysql] [login] -> {"ip": "127.0.0.1", "password": "9a384836ac495e30ee08a3bc7450ddef52ced20c", "port": "51080", "status": "failed", "username": "test"}ERROR 1045 (28000): Access denied..Correct password
mysql -h 0.0.0.0 -p 3306 --user=test --password=correctpassword[2021-12-16 13:02:20] [mysql] [connection] -> {"ip": "127.0.0.1", "port": "51084"}
[2021-12-16 13:02:20] [mysql] [login] -> {"ip": "127.0.0.1", "password": "correctpassword", "port": "51084", "status": "success", "username": "test"}ERROR 1040 (08004): Too many connections