MySQL Magic: Dump MySQL Client Password From Memory

I made this just for fun; use for illegal purposes is not allowed. The mysql client reads the password, writes it to some malloc’ed memory, and then frees it. But just because a chunk was freed doesn’t mean it will be used again, so the password can remain in the process memory. To ensure that your programs do not keep sensitive information in memory, you must overwrite the memory.

The main goal is to get the password entered through the tty, but sometimes it also gets a password passed on the command line (-pxxxxxx).

Tested in mysql Ver 15.1 Distrib 10.3.13-MariaDB, for Linux (x86_64) using readline 5.1
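
The point above about freed memory, shown from the defender's side as an added example (not code from mysql-magic or the mysql client). The static pool and the names pool_alloc, pool_free, secure_wipe and password_survives_release are hypothetical stand-ins for the heap and for a client's password handling, and the password is a constructed value.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the heap: a static pool, so released
   memory can be inspected without undefined behaviour. */
#define POOL_SIZE 256
static unsigned char pool[POOL_SIZE];
static size_t pool_used;

/* Like malloc: hands out memory without clearing it. */
static void *pool_alloc(size_t n) {
    if (n > POOL_SIZE - pool_used) return NULL;
    void *p = pool + pool_used;
    pool_used += n;
    return p;
}

/* Like free: marks the space reusable, leaves the contents untouched. */
static void pool_free(void) { pool_used = 0; }

/* Zero through a volatile pointer so the stores are not optimised away. */
static void secure_wipe(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Returns 1 if the password is still in the pool after release, 0 if not,
   -1 if it is empty or does not fit. wipe != 0 selects the hardened path. */
int password_survives_release(const char *password, int wipe) {
    size_t len = strlen(password), n = len + 1;
    memset(pool, 0xAA, POOL_SIZE);   /* constructed starting state */
    pool_used = 0;
    char *buf = pool_alloc(n);
    if (!buf || len == 0) return -1;
    memcpy(buf, password, n);        /* client would authenticate here */
    if (wipe) secure_wipe(buf, n);
    pool_free();
    for (size_t i = 0; i + len <= POOL_SIZE; i++)
        if (memcmp(pool + i, password, len) == 0) return 1;
    return 0;
}

int main(void) {
    const char *pw = "constructed-sample-pw";  /* constructed value */
    printf("free only:   %d\n", password_survives_release(pw, 0));
    printf("wipe + free: %d\n", password_survives_release(pw, 1));
    return 0;
}
```

In production code on glibc 2.25 or later, explicit_bzero() fills the role of secure_wipe before the call to free().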


Compiling

To compile, you only need to run make. If you want to add some flags, for any reason, you can do that with CFLAGS=myflags make.

If the system mysql client is not located at /usr/bin/mysql, you’ll need to compile with CFLAGS=-DMYSQLCLI=/path/to/mysql make

Options

mysql-magic [options]
-o comma-separated list of offset
-s search the memory for passwords and get offset
-d Write heap to the folder
-l Listen mode, wait for outgoing ipv4 connections on port 3306
-r Sleep time (Default: 3 seconds)
-p Use process_vm_readv instead of /proc/pid/mem

Passing -d is a good thing to do: the password, and some information such as old queries, can remain in memory, so you can analyse the dump and maybe build a wordlist based on it if the password is not at the offset.


R K
