Atticuss
Atticuss
right now, every established tcp connection is tracked. need to implement logic to remove tracking of conns assumed to not be db related and to known bad conn list. will...
look into the feasability of using tcp injection during mysql connection phase to instructs clients to use mysql_old_password auth protocol. would allow for easy stealing of passwords due to weak...
pymysql doesn't handle replies to COM_FIELD_LIST. have to build parser.
Right now Scapy picks the interface to listen on, should be able to specify which
Ability to import private keys to decrypt traffic. Capturing/importing of public keys to enable pillage tool to work over encrypted traffic.
Occasionally an error will get thrown claiming [TCP] does not exist in pkt. Why? Scapy filter already set to capture only TCP traffic.
sql reqs/resps need to be logged by their origins so all known dbs and clients can be tracked. long term goal: build known schema by passively watching queries.
pillage functionality still needs to be developed: execution of arbitrary sql commands on a target db via tcp injection
Declutter main class by pulling all thread classes and putting them in their own respective files.
Right now the code determines which parser to pass packets to s/dports. This breaks any time non standard ports as used. Should be more robust.