MySQL Enum

MySQL enumeration

CheckList

  • Check for version

  • Try passwordless connection,authentication

  • If authenticated try to access database, tables.

  • See if you can upload shell.

MySQL nmap scripts

nmap -sV -Pn -vv  10.10.10.10 -p 3306 --script mysql-audit,mysql-databases,mysql-dump-hashes,mysql-empty-password,mysql-enum,mysql-info,mysql-query,mysql-users,mysql-variables,mysql-vuln-cve2012-2122

Brute-Force credentials

hydra -l root -P /usr/share/wordlists/rockyou.txt 10.10.10.10 mysql -t 4

Try to login to MYSQL target

mysql -h 10.10.10.10 -u root -p
PreviousSSH EnumNextOracle Enum

Last updated