- 14.6.4 MySQL Proxy Scripting
- 14.6.4.1 Proxy Scripting Sequence During Query Injection
- 14.6.4.2 Internal Structures
- 14.6.4.3 Capturing a connection with connect_server()
- 14.6.4.4 Examining the handshake with read_handshake()
- 14.6.4.5 Examining the authentication credentials with read_auth()
- 14.6.4.6 Accessing authentication information with read_auth_result()
- 14.6.4.7 Manipulating Queries with read_query()
- 14.6.4.8 Manipulating Results with read_query_result()
The read_auth() function is triggered when
an authentication handshake is initiated by the client. In the
execution sequence, read_auth() occurs
immediately after read_handshake(), so the
server selection has already been made, but the connection and
authorization information has not yet been provided to the
backend server.
You can obtain the authentication information by examining the
proxy.connection.client structure. For more
information, see
Section 14.6.4.2, “Internal Structures”.
For example, you can print the user name and password supplied during authorization using:
function read_auth()
print(" username : " .. proxy.connection.client.username)
print(" password : " .. string.format("%q", proxy.connection.client.scrambled_password))
end
You can interrupt the authentication process within this
function and return an error packet back to the client by
constructing a new packet and returning
proxy.PROXY_SEND_RESULT:
proxy.response.type = proxy.MYSQLD_PACKET_ERR proxy.response.errmsg = "Logins are not allowed" return proxy.PROXY_SEND_RESULT
User Comments
Add your own comment.