38 lines
1.2 KiB
Go
38 lines
1.2 KiB
Go
package services
|
|
|
|
import (
|
|
"net"
|
|
"time"
|
|
)
|
|
|
|
func NewMySQLHandler(log LoggerFunc) Handler {
|
|
return func(conn net.Conn) {
|
|
defer conn.Close()
|
|
remote := conn.RemoteAddr().String()
|
|
// Simple handshake prefix
|
|
handshake := []byte{0x4a,0x00,0x00,0x00,0x0a}
|
|
handshake = append(handshake, []byte("5.7.34-0ubuntu0.18.04.1\x00")...)
|
|
handshake = append(handshake, []byte{0x01,0x00,0x00,0x00, 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x00, 0xff,0xf7, 0x08, 0x02,0x00, 0x0f,0x80, 0x15}...)
|
|
_, _ = conn.Write(handshake)
|
|
conn.SetDeadline(time.Now().Add(30 * time.Second))
|
|
buf := make([]byte, 1024)
|
|
n, err := conn.Read(buf)
|
|
if err == nil && n > 4 {
|
|
payload := buf[4:n]
|
|
if len(payload) > 32 {
|
|
us := 32
|
|
ue := us
|
|
for ue < len(payload) && payload[ue] != 0 { ue++ }
|
|
if ue < len(payload) {
|
|
username := string(payload[us:ue])
|
|
log(Record{Timestamp: Now(), RemoteAddr: remoteIP(remote), RemotePort: remotePort(remote), Service: "mysql", Details: map[string]string{"event":"auth_attempt","username":username}})
|
|
}
|
|
}
|
|
}
|
|
// error packet
|
|
errorPacket := []byte{0x24,0x00,0x00,0x01, 0xff, 0x10,0x04, 0x23,0x48,0x59,0x30,0x30,0x30}
|
|
errorPacket = append(errorPacket, []byte("Access denied for user")...)
|
|
_, _ = conn.Write(errorPacket)
|
|
}
|
|
}
|