Documentation
¶
Index ¶
- func PerformAuthentication(ctx context.Context, target, username, password, database, sslMode string, ...) (bool, string, error)
- func PerformAuthenticationWithMetadata(ctx context.Context, target, username, password, database, sslMode string, ...) (bool, string, string, string, error)
- func PerformProbe(ctx context.Context, target string, timeoutMs int) *mysqlfern.ProbeResult
- func RunPentest(ctx context.Context, config *mysqlfern.PentestMysqlConfig) (*mysqlfern.PentestMysqlReport, error)
- func RunQuery(ctx context.Context, ...) (*mysqlfern.QueryResult, error)
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func PerformAuthentication ¶
func PerformAuthentication(ctx context.Context, target, username, password, database, sslMode string, timeoutMs int) (bool, string, error)
PerformAuthentication attempts a single MySQL authentication and returns success, message, error. Honors:
- database — optional initial database to SELECT after auth ("" = no DBName)
- sslMode — DISABLE | PREFER | REQUIRE (case-insensitive; "" = driver default)
Used by both the spray module (which passes "" for database + sslMode) and the pentest service mysql cobra command (which threads --database / --ssl).
Lightweight path: does NOT run any post-auth metadata queries. Spray pays only for connect + ping. The per-service AUTH driver that wants serverVersion / databaseName calls PerformAuthenticationWithMetadata instead.
func PerformAuthenticationWithMetadata ¶ added in v0.0.191
func PerformAuthenticationWithMetadata(ctx context.Context, target, username, password, database, sslMode string, timeoutMs int) (bool, string, string, string, error)
PerformAuthenticationWithMetadata is the variant called by the per-service AUTH driver to populate `serverVersion` and `databaseName` on the typed MySQL AuthResult. Returns the same success/message/error as PerformAuthentication plus, on success, the connected database and the server's version string (queried in the same authenticated session, no extra connection). On failure both metadata strings are empty.
Kept as a separate function so the spray path doesn't pay for the metadata queries on every successful credential — those queries are extra round-trips against a server we're frequently probing tens of thousands of times.
func PerformProbe ¶ added in v0.0.178
PerformProbe connects to a MySQL server and reads the initial handshake or error packet to extract server-info banner data. No credentials are required. It always returns a non-nil result; failures are recorded inside it.
func RunPentest ¶ added in v0.0.178
func RunPentest(ctx context.Context, config *mysqlfern.PentestMysqlConfig) (*mysqlfern.PentestMysqlReport, error)
RunPentest performs MySQL pentest operations across all configured targets. It dispatches the requested actions (PROBE and/or AUTH) for each target and collects every per-target result into a single PentestMysqlReport.
func RunQuery ¶ added in v0.0.188
func RunQuery(ctx context.Context, target, username, password, database, sslMode, query string, allowMutations bool, timeoutMs int) (*mysqlfern.QueryResult, error)
RunQuery executes a single SQL query against a MySQL target using the supplied credentials. When allowMutations is false, DML/DDL statements are rejected before execution and the query runs inside a read-only transaction so the server enforces it. Returns a QueryResult with column names, rows, and count.
Types ¶
This section is empty.
Source Files