# SQL

Structured Query Language (SQL) is a standardized programming language that is used to manage relational databases and perform various operations on the data in them.

**Relational databases default ports**

| Database | Port(s) | Doc |
|---|---|---|
| Oracle DB | 1521, 1830 | |
| PostgreSQL | 5432 | |
| SQL Server (MSSQL) | 1433, 1434 | |

**NoSQL databases and other data stores default ports**

| Database | Port(s) | Doc |
|---|---|---|
| Cassandra | 7000, 7001, 9042 | |
| Elasticsearch | 9200, 9300 | |
| MongoDB | 27017, 27018, 27019, 28017 | |
| Neo4J | 7473, 7474 | |

## Enum

```bash
# Default scan
nmap $IP -sV -p 3306

# Empty password script
nmap $IP -sV -p 3306 --script=mysql-empty-password

# Get MySQL info
nmap $IP -sV -p 3306 --script=mysql-info

# Get MySQL users
nmap $IP -sV -p 3306 --script=mysql-users --script-args="mysqluser='root',mysqlpass=''"

# Get MySQL databases
nmap $IP -sV -p 3306 --script=mysql-databases --script-args="mysqluser='root',mysqlpass=''"

# Get MySQL variables
nmap $IP -sV -p 3306 --script=mysql-variables --script-args="mysqluser='root',mysqlpass=''"

# MySQL audit against the CIS benchmark file shipped with nmap
nmap $IP -sV -p 3306 --script=mysql-audit --script-args="mysql-audit.username='root',mysql-audit.password='',mysql-audit.filename='/usr/share/nmap/nselib/data/mysql-cis.audit'"

# Try to connect directly without a password
mysql -h $IP -u root

# Run query
nmap $IP -sV -p 3306 --script=mysql-query --script-args="query='select count(*) from books.authors;',mysqluser='root',mysqlpass=''"

# Metasploit way: list directories the server can write to
# (the original omitted the `use` line; mysql_writable_dirs is the module that takes DIR_LIST,
#  and username/password are set explicitly here to match the hashdump block below)
msfconsole
use auxiliary/scanner/mysql/mysql_writable_dirs
set dir_list /usr/share/metasploit-framework/data/wordlists/directory.txt
set username root
set password ""
setg rhosts $IP
set verbose false
run

## Hashdump
msfconsole
use auxiliary/scanner/mysql/mysql_hashdump
setg rhosts $IP
set username root
set password ""
run
```
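The probes above (an empty-password login as root, a walk through user names, a query once a login works) leave a recognisable trace in the MySQL general log. As an added example that is not part of the original page, the Python script below parses general-log `Connect` lines and flags that trace per source host: a remote login attempted with no password, a burst of denied logins inside a time window, and a successful login right after such a burst. The log lines are a constructed sample, not a real capture; the 60-second window and the threshold of four attempts are assumptions to tune for your environment.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of MySQL general-log lines (not a real capture).
# Real files separate the fields with tabs; the parser accepts tabs or spaces.
SAMPLE_LOG = """\
2024-03-01T09:00:00.000100Z    5 Connect  app@10.0.0.20 on shop using TCP/IP
2024-03-01T09:00:00.000900Z    5 Query    SELECT id FROM products LIMIT 1
2024-03-01T09:00:00.002000Z    5 Quit
2024-03-01T09:05:10.000100Z    9 Connect  Access denied for user 'root'@'10.0.0.77' (using password: NO)
2024-03-01T09:05:10.300100Z   10 Connect  Access denied for user 'root'@'10.0.0.77' (using password: YES)
2024-03-01T09:05:10.600100Z   11 Connect  Access denied for user 'admin'@'10.0.0.77' (using password: YES)
2024-03-01T09:05:10.900100Z   12 Connect  Access denied for user 'test'@'10.0.0.77' (using password: YES)
2024-03-01T09:05:11.200100Z   13 Connect  Access denied for user 'mysql'@'10.0.0.77' (using password: YES)
2024-03-01T09:05:11.500100Z   14 Connect  root@10.0.0.77 on  using TCP/IP
2024-03-01T09:05:11.500900Z   14 Query    SELECT User, Host FROM mysql.user
2024-03-01T09:05:11.501500Z   14 Quit
"""

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<cid>\d+)\s+(?P<cmd>\w+)\s*(?P<arg>.*)$")
DENIED_RE = re.compile(
    r"Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)' "
    r"\(using password: (?P<pw>YES|NO)\)"
)
CONNECT_RE = re.compile(r"^(?P<user>[^@\s]+)@(?P<host>\S+) on")
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}


def parse_general_log(text):
    """Yield (timestamp, connection id, command, argument) for each log line."""
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%S.%fZ")
        yield ts, int(m["cid"]), m["cmd"], m["arg"].strip()


def connect_events(text):
    """Group Connect lines by source host as (ts, user, outcome, password_used)."""
    by_host = defaultdict(list)
    for ts, _cid, cmd, arg in parse_general_log(text):
        if cmd != "Connect":
            continue
        denied = DENIED_RE.search(arg)
        if denied:
            by_host[denied["host"]].append((ts, denied["user"], "denied", denied["pw"]))
            continue
        ok = CONNECT_RE.match(arg)
        if ok:
            by_host[ok["host"]].append((ts, ok["user"], "ok", None))
    return by_host


def detect_scanning(text, window=timedelta(seconds=60), threshold=4):
    """Return {host: finding} for hosts whose logins look like probing.

    Three signals are recorded: a remote login attempted without a password
    (what mysql-empty-password and `mysql -u root` produce), at least
    `threshold` denied logins inside `window` (password guessing), and a
    successful login after such a burst (a guess worked).
    """
    findings = {}
    for host, events in connect_events(text).items():
        events.sort(key=lambda e: e[0])
        denied = [e for e in events if e[2] == "denied"]
        finding = {
            "empty_password_probe": host not in LOCAL_HOSTS
            and any(e[3] == "NO" for e in denied),
            "burst": False,
            "success_after_burst": False,
            "users_tried": sorted({e[1] for e in events}),
        }
        # Sliding window over the denied attempts, ordered by time.
        for i in range(len(denied)):
            j = i
            while j < len(denied) and denied[j][0] - denied[i][0] <= window:
                j += 1
            if j - i >= threshold:
                finding["burst"] = True
                burst_end = denied[j - 1][0]
                finding["success_after_burst"] = any(
                    e[2] == "ok" and e[0] >= burst_end for e in events
                )
                break
        if finding["empty_password_probe"] or finding["burst"]:
            findings[host] = finding
    return findings


if __name__ == "__main__":
    for host, finding in detect_scanning(SAMPLE_LOG).items():
        print(host, finding)
```

The general log is off by default (`general_log=ON` enables it) and is verbose on a busy server, so in practice this logic is more often run over the error log or an audit plugin's output; the same three signals apply there, only the line regexes change.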

## Manipulate local files via db

## Bruteforce
