Mysql
Decoding MySQL ~/.mylogin.cnf
Little tool to decode MySQL’s badly secured login-path. It does the same like the official MySQL server tools “my_print_defaults” (based on MySQL OSS python libs).
More security can be achieved by: https://www.percona.com/blog/2016/10/12/encrypt-defaults-file/
#!/usr/bin/env php
<?php
$fp = fopen(getenv('HOME') . '/.mylogin.cnf', "r");
if (!$fp) {
die("Cannot open .mylogin.cnf");
}
fseek($fp, 4);
$key = fread($fp, 20);
// generate real key
$rkey = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
for ($i = 0; $i < strlen($key); $i++) {
$rkey[$i % 16] = ($rkey[$i % 16] ^ $key[$i]);
}
$section = null;
$settings = [];
while ($len = fread($fp, 4)) {
// as integer
$len = unpack("V", $len);
$len = $len[1];
// decrypt
$crypt = fread($fp, $len);
$plain = openssl_decrypt($crypt, 'aes-128-ecb', $rkey, true);
$decoded = preg_replace("/[^\\x32-\\xFFFF]/", "", $plain);
if (preg_match('/^\[([^\]]+)]/', $decoded, $matches)) {
$section = $matches[1];
$settings[$section] = [];
} elseif (preg_match('/^(\w+)=(.*)/', $decoded, $matches)) {
$settings[$section][$matches[1]] = $matches[2];
}
}
fclose($fp);
echo json_encode($settings, JSON_PRETTY_PRINT);
src | [_mylogin_cnf of mycli][https://github.com/dbcli/mycli/blob/master/mycli/config.py]
IP in VPN vs. LAN: Alias IP Address by iptables
Scenario: Using a Consistent IP Address
When you’re at work, you are on the LAN and use an IP address like 192.168.x.x. When you work from home, you connect via VPN to the same database (DB), and your IP address changes to 10.x.x.x. You want to avoid changing configuration files for your application every time you switch environments.
This problem can be easily worked around using iptables to create an IP address alias.