Can I Use My Browser to Access MySQL server by sending requests in URL?
I have Tried giving URL of my Server and port to which it is bound send the user name and password in URL as properties and value
http://127.0.0.1:3306/?user=root&password=password
But it gives error like (J���
5.5.28����/,-<&Hv;�ÿ÷�€����������ca>OR08fzTsi�mysql_native_password�!��ÿ„#08S01Got packets out of order)
Does using Any protocol Work?
You are attempting to access a server bound on a port that does not speak the protocol of http, but the socket open request is naturally granted.
Mysql responds in non-http and non-html output, and your browser displays the gobbly-gook. As your browser is naturally not a mysql client with baked in mysql library calls to deal with that handshake, the train just went off the tracks.
Instead of trying to craft an extension to mysql to perform this, it is best to redirect one's focus to the likes of PHP, asp.net, a java back-end middle-ware, etc.
As for passing values like you are in the URL, I suggest you read This Blog Here and jump down to the text showing:
Doesn’t look too bad? Let’s take a look at the URL:
A_URL?domain=&subdomain=sdjflsdhkfhds&name=asdasdf&email=aaaaa#letthemeatspam.com&pass1=ThisIsMyPassword&pass2=ThisIsMyPassword&aggree=yes&error_multiple=&error_domain=&error_subdomain=&error_name=&error_email=&error_pass=2&error_tos=&error_number=&error_js=&error_disposable=1&error_bad_gmail=
Not only is that information sitting in your users cache, it is visible along the way between the user and server (perhaps half a dozen hops) and is logged. If that doesn't raise an eyebrow of concern, I don't know what more to say.
You cannot use your browser to access MySQL without installing a browser-based tool such as phpMyAdmin. I do not recommend this.
Instead, just use the MySQL command line client. From a shell prompt:
mysql -h127.0.0.1 -uroot -p
You will be prompted for your password.
Related
Background on the MySQL database: it was created from a Wordpress website. As far as I know, it can only be accessed through PuTTy with the ff credentials given to me by my client who I’m making the app for:
hostname
port
my username to get into server
my password to
get into server
mysql username
mysql password
It says from multiple sites that this is the PHP syntax to connect Android to MySQL
// Connecting to mysql database
$con = mysql_connect(DB_SERVER, DB_USER, DB_PASSWORD) or die(mysql_error());
It does not work and when checked for the connection error, it shows the error “Connection timed out.” when I put credentials needed (hostname, mysql
username and password). I’m assuming it’s because I need to get into the server first (with credentials #3 and #4).
Is there a workaround to this?
EDIT:
This is only based on the assumption that I am supposed to create a PHP file (that I will place inside a Jave file in Android Studio) to connect to their database. Are there other ways to connect to a private server?
Welcome Ateshi!
It sounds like you want an android app to directly access the mysql database that holds the content of a wordpress website.
The MySQL database server is most likely not publicly available on the internet for good reasons (security), as per this answer
You have posted some PHP code. PHP usually runs on the server alongside mysql, it not usually run on android.
Here is how you usually set up something like this:
Your android app makes a web request to http://yourexampleserver.com/example.php
Inside that example.php which is on the server, you have the PHP code that then does:
connects to mysql (with local credentials)
perhaps writes to the database
perhaps queries the database
formats the results into a useful format like JSON
The results are returned to java on your android which then usually shows them in the UI etc
This whole process is usually described as building a "webservice" for the app to use.
If however, you want the database contents to be stored offline and locally on android, then you probably need to connect to the server manually, export the database and download it, and then include it in your android project.
following Problem:
I want to Check all Open MySQL Ports in a network and give myself a list of them.
After this i want to check if i can get access to the MySQL database from the open ports.
It Would be just a security check script to avoid other people getting access to the databases.
Bash/perl/Powershell... maybe someone can give me a hint?
You can use NMAP for all port scanning tasks.
EDIT:
Lets asssume an example: mysql-vuln-cve2012-2122(This vulnerability tries to access the MySql server through open ports by bypassing authentication, if possible, also dumps the MySQL usernames and password hashes.)
Pre-requisite: You need the 'Vulns' library to be installed separately. Please read the documentation, to know more about how to install and other details, since it would be too tedious to explain it here.
mysql-vuln-cve2012-2122.pass
MySQL password. Default: nmapFTW.
mysql-vuln-cve2012-2122.user
MySQL username. Default: root.
mysql-vuln-cve2012-2122.iterations
Connection retries. Default: 1500.
mysql-vuln-cve2012-2122.socket_timeout
Socket timeout. Default: 5s.
Please leave the password blank to check for non-password vulnerabilities.
Command to run:
nmap -p3306 --script mysql-vuln-cve2012-2122 <target>
Here is your MySql instance
This will give an output, something like this:
PORT STATE SERVICE REASON
3306/tcp open mysql syn-ack
mysql-vuln-cve2012-2122:
VULNERABLE:
Authentication bypass in MySQL servers.
State: VULNERABLE
IDs: CVE:CVE-2012-2122
Description:
When a user connects to MariaDB/MySQL, a token (SHA
over a password and a random scramble string) is calculated and
compared
with the expected value. Because of incorrect casting, it might've
happened that the token and the expected value were considered
equal,
even if the memcmp() returned a non-zero value. In this case
MySQL/MariaDB would think that the password is correct, even while
it is
not. Because the protocol uses random strings, the probability of
hitting this bug is about 1/256.
Which means, if one knows a user name to connect (and "root"
almost
always exists), she can connect using *any* password by repeating
connection attempts. ~300 attempts takes only a fraction of
second, so
basically account password protection is as good as nonexistent.
Disclosure date: 2012-06-9
Extra information:
Server granted access at iteration #204
root:*9CFBBC772F3F6C106020035386DA5BBBF1249A11
debian-sys-maint:*BDA9386EE35F7F326239844C185B01E3912749BF
phpmyadmin:*9CFBBC772F3F6C106020035386DA5BBBF1249A11
For more and detailed info, please refer the above link.
The NMAP tools will not only help you in getting the list of port related vulnerabilities. It can also be used to search for other vulnerabilities like MySql injection,DDOS, brute force vulnerabilities and lot more. Though you need to download separate libraries for those.
I'd like to connect to a MySQL server (AWS RDS, if you must know) via SSL. I'm familiar with the basic mechanics involved.
All the methods I've seen so far involve running a SQL query to determine that the current connection uses SSL.
My concern is that this is a "chicken and egg" problem: I would need to send my credentials to the server potentially in plain text, so I can run a query on the server to determine that it was not plain text.
Is there a way to run the SHOW STATUS LIKE 'Ssl_cipher'; query without first authenticating?
This seems like a pretty basic requirement (I'd like to know that my password will be encrypted BEFORE sending it over the wire) but it seems difficult to find the required information.
I've read the following resources:
https://kb.berkeley.edu/page.php?id=23112
http://dev.mysql.com/doc/refman/5.1/en/ssl-options.html
http://dev.mysql.com/doc/refman/5.0/en/creating-ssl-certs.html
MySQL native authentication was never sending password over network without regard of SSL usage (it always sends result of function of password and salt returned from Server instead).
In recent versions it may be beneficial to send clear text password - but that may happen only if you explicitly provide option (on client) --enable-cleartext-plugin (or similar).
I've got an AWS EC2 instance, with the usual keypair access technique (and not password access), and am using Coda to do site development on it. I've been able to configure my .ssh stuff so that Coda can connect to the site's files, and I can see them in the Remote Files pane. However, I haven't been able to get through to the database. I'm trying to set up a MySQL pane with "Connect to MySQL Server via SSH", but, regardless of what I use for parameters in that panel, I keep getting one varient or another of "The SSH Tunnel has unexpectedly closed." Has anybody been able to get database access to work? I've got a phpMyAdmin installation working on the site, but I've kinda gotten use to the Coda interface... Thanks!
The trick is to use ~/.ssh/config. Use it to create an alias with all your settings (host, port, username, password, private key, etc) and then just point to the alias.
Helpful post: http://nerderati.com/2011/03/17/simplify-your-life-with-an-ssh-config-file/
Background
A html page will ask the user to type their username and password. These are credentials for a MySQL database (i.e. they will be used in JDBC connection so that no password is physically stored in the files).
On submit a servlet will be called which tries to connect to the database. If it can, the credentials are correct and a JSP page will load. If not, an error will be displayed.
If the login was a success, the web application will then use servlets perforimng SQL queries/updates on the database and returning Java Beans to JSP pages.
Questions
For memory purposes I'm guessing the JDBC will need to be closed meaning subsequent pages will need to restart the connection using the credentials provided earlier. Obviously the user doesn't want to be providing a password everytime so it's going to have to be stored anyway. If they are stored in a Java object/bean for that session (considering it would have to be plaintext so it could be retrieved and used)...are they susceptible to attack? Is that just a bad as storing it as text within the code?
I'm assuming someone could hack into the session and call the object (if they know this?) with the details in and voila?
What alternatives are there?
Since starting a new connection is so expensive, the connection is saved in the session. Therefore subsequent pages get the same connection object.
As for the security of this: this is as secure as your webserver. If someone can get access to the host and login as the user under which the webserver runs or as root, they can get access to the process.
This doesn't give them access to the credentials, though, since the JDBC driver doesn't save them either (unless you use a global datasource which you don't). They could try to invoke methods on the connection object but that's equivalent to hacking a running Java VM and that's pretty hard to do unless you fail to install all the available security updates.