5 Ways to Hack MySQL Login Password

In this article, we will learn how to gain control over our victim’s PC through mysql service via port 3306. There are various ways to do it and let take time and learn all those because different circumstances call for different measure.

Medusa

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. It supports many protocols: AFP, CVS, FTP, HTTP, IMAP, rlogin, SSH, Subversion, and VNC to name a few

Run the following command

Medusa -h 192.168.1.106 –U /root/Desktop/user.txt –P /root/Desktop/pass.txt –M mysql

Here

-U: denotes path for username list

-P: denotes path for password list

As you can observe that we had successfully grabbed the telnet username as root and password as toor .

Ncrack

Ncrack is a high-speed network authentication cracking tool. It was built to help companies secure their networks by proactively testing all their hosts and networking devices for poor passwords.

Run the following command

ncrack –v –U /root/Desktop/user.txt–P /root/Desktop/pass.txt 192.168.1.106:3306

Here

-U: denotes path for username list

-P: denotes path for password list

As you can observe that we had successfully grabbed the telnet username as root and password as toor .

xHydra

This is the graphical version to apply dictionary attack via 3306 port to hack a system. For this method to work:

Open xHydra in your kali. And select Single Target option and their give the IP of your victim PC. And select MYSQL in box against Protocol option and give the port number 3306 against the port option .

Now, go to Passwords tab and select Username List and give the path of your text file, which contains usernames, in the box adjacent to it.

Then select Password List and give the path of your text file, which contains all the passwords, in the box adjacent to it.

After doing this, go to Start tab and click on Start button on the left.

Now, the process of dictionary attack will start. Thus, you will attain the username and password of your victim.

Hydra

Hydra is often the tool of choice. It can perform rapid dictionary attacks against more than 50 protocols, including telnet, ftp, http, https, smb, several databases, and much more

Now, we need to choose a wordlist. As with any dictionary attack, the wordlist is key. Kali has numerous wordlists built right in.

Run the following command

hydra –L/root/Desktop/user.txt –P /root/Desktop/pass.txt 192.168.1.106 mysql

-L: denotes path for username list

-P: denotes path for password list

Once the commands are executed it will start applying the dictionary attack and so you will have the right username and password in no time. As you can observe that we had successfully grabbed the telnet username as root and password as toor .

Metasploit

This module simply queries the MySQL instance for a specific user/pass (default is root with blank).

msf > use auxiliary/scanner/mysql/mysql_login

msf auxiliary( mysql_login ) > set rhosts 192.168.1.106

msf auxiliary( mysql_login ) > set user_file /root/Desktop/users.txt

msf auxiliary( mysql_login ) > set pass_file /root/Desktop/password.txt

msf auxiliary( mysql_login ) > set stop_on_success true

msf auxiliary( mysql_login ) > run

This will start brute force attack and try to match the combination for valid username and password using user.txt and pass.txt file.

From given image you can observe that our mysql server is not secure against brute force attack because it is showing matching combination of username: root and password: toor for login.

Once the attacker retrieves the valid credential he can directly login into mysql server for stealing or destroying the database information.

Author: Rahul Virmani is a Certified Ethical Hacker and the researcher in the field of network Penetration Testing (CYBER SECURITY). Contact Here

您可能感兴趣的

MYSQL how do I get a SUM from checkins? SELECT promotions.`sms_promo_id`, places.`id`, places.`name`, insights.`checkins`, insights.`likes`, insights.`place_id` FROM promotions INNER JOIN pl...
Handling long duration SST(timeout) in PXC with sy... In this blog post, We will be explaining about the timeouts in SST on systemd implementation which we faced recently in Percona XtraDB Cluster ...
使用python连接MySQL数据库 本篇文章使用python中的pymysql库连接MySQL数据库,并完成建表,数据写入和查询的过程。为了保证内容的完整性,我们将内容分为两个 阶段,第一阶段简单介绍数据的爬取过程。看过之前爬虫文章的同学请直接忽略。第二阶段介绍将爬去的数据写入MySQL数据库的过程。 1,使用pytho...
Why PostgreSQL is better than MySQL Someone recently tweeted about the fantastic news that MySQL fixed a bug. Now in my world, bugs get fixed quickly and well. Bugs happen and they nee...
Funny characters in the MySQL database after impor... Insert into the MySQL database after reading the csv file? I have a csv file like this:, 01-05-2014, 01-05-2014, 01-05-2014, 01...
Hacking Articles责编内容来自:Hacking Articles (源链) | 更多关于

阅读提示:酷辣虫无法对本内容的真实性提供任何保证,请自行验证并承担相关的风险与后果!
本站遵循[CC BY-NC-SA 4.0]。如您有版权、意见投诉等问题,请通过eMail联系我们处理。
酷辣虫 » 5 Ways to Hack MySQL Login Password



专业 x 专注 x 聚合 x 分享 CC BY-NC-SA 4.0

使用声明 | 英豪名录