twitter

Nmap Scripting Engine – MySQL


Nmap Usage

Nmap needs the following information port number, script name, any script arguments (optional), and the IP of the target.

nmap -p <port> –script <script-same> –script-args <script arguemens> <target IP>

MySQL listing databases

nmap -p 3306 –script mysql-databases –script-args mysqluser=root 192.168.2.66


Using the mysql-databases script we can view the databases in MySQL. In this instance there was no password, however, to enter a password use the script-args “mysqlpass=<password>.”

MySQL empty password

nmap -p3306 –script mysql-empty-password,mysql-databases 192.168.2.66


In the previous example, we logged into MySQL using a blank password. Using the “mysql-empty-password” script along with the “mysql-databases” script we can detect any instances of MySQL that is running without a password and it will show the databases.

MySQL user listing

nmap -p3306 –script mysql-empty-password,mysql-users 192.168.2.66


Using the “mysql-users” script we can view any user accounts in MySQL.

MySQL variables

nmap -p3306 –script mysql-empty-password,mysql-variables 192.168.2.66


The “mysql-variables” script can reveal configurations of the MySQL installation.

 

 

To Be Continued…