Sniff a mysql password?

[flugh]

Okay, I know it's like sticking my head out and begging for it to be cut off, but bear with me, it's nothing evil

I bought a program (AM by

http://www.intranet2internet.com,

the free AccessDUMP tool is great too, check it out). For some reason when I try to use it to connect to my MySQL server, it uses the username "ODBC" instead of the userass I provide. I created a user named "ODBC" with a blank password, still get connection denied. Tried using "ODBC" for password too, still denied. I have given ample privilege to the user account to login from the machine, etc. I tried tcpdump, but didn't get any useful output (I'm assuming the password is sent encrypted over the wire).

So, I am hoping maybe someone here may have run into a similar situation and had come up with a solution.

And just to clarify, I own the box, I own the program (they haven't bothered to respond to my 'bug report' pointing out that their program made up it's own userass instead of the one I supplied). There doesn't seem to be any login info stored in the registry or .ini file anywhere. I'm stumped.

Hmm, can you do a %wildcard in the password field?

----
JBR

 

[lebisol]

hm.....return your Soft_ware and take a look @

http://ems-hitech.com/mymanager/

I assume ur after some managing tools....
All the best!

> need more info?
:: don't click HERE ::

 

[flugh]

I got lazy with buying this software. After looking at how it works, I could probably blow the dust off my Visual Basic CD and code up something similar. I just liked the 'open an mdb, click the menu, automagically stuffed into mysql' thing. I used the free tool, AccessDUMP, to make .sql dumps, then feed that into mysql from the commandline. Just looking for convenience...

Ok, I was drinking a few beers and was over powered by it's gee-whizness. So I spent $27 and still can't get what I wanted. I just don't like getting beating by a program like that ;-)

----
JBR

 

[lebisol]

hehehehe I know the feeling.....
I would imagine that MySQL 5 will trigger some more tools so I guess in the meantime u wasted a few beers on the sofware....
my guess is that that software has issues using ODBC drivers or perhpas requires ODBC-MySQL update....re-install booth and see what happens...
all the best!

> need more info?
:: don't click HERE ::

 

[rzs0502]

I've exported Access data to MySQL by doing the following.

Create the MySQL database.
Create an ODBC connection to it with the MySQL ODBC Driver.
Open the Access database.
Select the table and export to the ODBC DSN you created.

I am having problems using the ODBC driver to connect to MySQL 5.0 but it works well with the previous versions.

 

[flugh]

When I did the export via ODBC thing, I had to do each table seperately. I have 22 tables (and still growing) in the db. It was just a little too 'manual' for my taste.

In the meantime, I installed

http://ettercap.sf.net.

One of it's features is password collection from a pile of different types of traffic (mysql is one). Still no luck though :-(

----
JBR

 

[rzs0502]

The software could be using the libmysql.dll to connect to the database without a username & password.
You can do the same by just typing `mysql` in the command line. `select user()` will the return ODBC@localhost

A workaround to you problem would be to grant access to the blank user to your database.
GRANT ALL PRIVILEGES ON `your_db`.* TO ''@'localhost'

Remove this when you're done as it exposes your database to anyone.