This script uses MySQL Proxy to execute shell commands from a MySQL client, and to display its result as any other query
MySQL Proxy is a simple program that sits between your client and MySQL server that can monitor, analyze or transform their communication. See
http://forge.mysql.com/wiki/MySQL_Proxy for more information.
Developed In:
Lua
--[[
Copyright (C) 2007 MySQL AB
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; version 2 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
--]]
---
-- Uses MySQL-Proxy to return output from shell commands
--
-- Using this script, you can request commands like
--
-- SHELL ls -l /usr/local/mysql/data
-- SHELL grep packet /etc/my.cnf
--
-- and get the result in tabular format, from any MySQL client
--
-- ====================================================
-- WARNING
-- ====================================================
-- This feature introduces a security risk
-- Use it only for administration, Not in applications
-- open to general users.
-- ====================================================
--
-- Written by Giuseppe Maxia, based on examples provided
-- by Jan Knesckhe
--
-- see http://forge.mysql.com/snippets/view.php?id=78
-- for details of how to return a result set
--
function read_query( packet )
if string.byte ( packet) == proxy.COM_QUERY then
local query = string.sub ( packet, 2 )
-- parsing the query, and checking if it requests a SHELL command
--
-- currently supported:
--
-- SHELL shell command
--
local com_type,command = string .match( query, "^%s*(%w+)%s+(%S.*)" )
--
-- file used to capture the shell command output
--
local result_file = '/tmp/lua.txt'
if ( string.upper ( com_type) == 'SHELL') then
print ( "we got a SHELL query: " .. command)
-- executing the shell command
shell_command = string .format ( '%s > %s 2 >&1 ', command, result_file)
os_result = os .execute ( shell_command)
if os_result == 0 then
proxy.response.type = proxy.MYSQLD_PACKET_OK
--
-- collecting the result
--
line_no = 1
shell_output_lines = { }
for line in io.lines ( result_file) do
shell_output_lines[ line_no] = { line}
line_no = line_no + 1
end
--
-- assembling the result set
--
proxy.response.resultset = {
fields = {
{
type = proxy.MYSQL_TYPE_STRING,
name = command,
} ,
} ,
rows = shell_output_lines
}
return proxy.PROXY_SEND_RESULT
else
--
-- assembling the error message
--
proxy.response.type = proxy.MYSQLD_PACKET_ERR
err_msg = " * "
for line in io.lines ( result_file) do
err_msg = err_msg .. line
end
out_msg = string .format ( "Shell error: (%d) %s" , os_result , err_msg)
proxy.response.errmsg = out_msg
return proxy.PROXY_SEND_RESULT
end
else
print ( "we got a normal query: " .. query)
end
end
end
Current Tags
You must be logged in to tag this tool