#MySQL [ port : 3306 ] :

MySQL is an open-source relational database management system based on SQL.

  • It is typically used to store records and customer data, and is commonly deployed to store web application data.
  • We can use Metasploit auxiliary modules to enumerate the MySQL version, perform brute-force attacks, execute SQL queries and much more.

**#MSF modules:**

To search:
  • search type:auxiliary name:mysql

auxiliary/scanner/mysql/mysql_login

  • Bruteforce MySQL creds.

auxiliary/admin/mysql/mysql_sql

  • Execute SQL queries (requires admin privileges). Don't forget the ";" after setting the "SQL" query.

mysql_writable_dirs

  • Enumerates the directories on the system that are writable through MySQL. Quite useful!

mysql_hashdump

  • This module extracts the usernames and encrypted password hashes from a MySQL server and stores them for later cracking.

mysql_schemadump

  • Dumps the whole schema.

**#nmap_scripts:**

mysql-empty-password

  • Nmap script that searches for users that can log in with no password.

mysql-info

  • Self-explanatory. If we find Interactive-Client within the capabilities, then we can run a system shell through mysql.

mysql-users --script-args mysqluser=<user>,mysqlpass=<pass>

  • enumerate users

mysql-variables --script-args mysqluser=<user>,mysqlpass=<pass>

  • useful info

mysql -h <host> -u root

commands :

  • show databases;
  • use <database>;
  • select load_file("<file>"); # for reading the file

How to connect to a MySQL database:

mysql -u <user> -p<password> -h <IP> 

Example

mysql -u db_admin -h 192.203.119.3 -ppassword@123
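
The checks above (mysql-empty-password, mysql_login, load_file, mysql_writable_dirs) all succeed or fail on a handful of server settings, which an administrator can audit directly. The following is an added example, not part of the original notes; it assumes MySQL 5.7 or later (where mysql.user has the authentication_string, plugin and account_locked columns), and the account name in the commented remediation lines is a placeholder.

```sql
-- Added example: hardening audit, run as an administrative account
-- on a server you manage. Assumes MySQL 5.7+ column names.

-- 1. Accounts with no stored credential (what mysql-empty-password reports).
--    The plugin column is listed because socket-based plugins such as
--    auth_socket legitimately store an empty string here.
SELECT user, host, plugin, account_locked
FROM mysql.user
WHERE authentication_string = '' OR authentication_string IS NULL
ORDER BY user, host;

-- 2. Accounts whose host pattern contains a wildcard, i.e. that can be
--    tried from more than one source address by a remote login scanner.
SELECT user, host
FROM mysql.user
WHERE INSTR(host, '%') > 0
ORDER BY user, host;

-- 3. Accounts holding the global FILE privilege. load_file() and writing
--    files through the server both require it.
SELECT user, host
FROM mysql.user
WHERE File_priv = 'Y'
ORDER BY user, host;

-- 4. Server-side limits on file access.
--    secure_file_priv = NULL        : file import/export disabled
--    secure_file_priv = a directory : load_file() limited to that directory
--    secure_file_priv = ''          : no restriction (weakest setting)
SELECT @@secure_file_priv AS secure_file_priv,
       @@local_infile     AS local_infile;

-- 5. Remediation templates. 'app_user'@'10.0.0.%' is a placeholder account;
--    uncomment and adapt to the rows returned above.
-- ALTER USER 'app_user'@'10.0.0.%' IDENTIFIED BY '<strong-password>';
-- ALTER USER 'app_user'@'10.0.0.%' ACCOUNT LOCK;
-- REVOKE FILE ON *.* FROM 'app_user'@'10.0.0.%';
-- secure_file_priv cannot be changed at runtime: set it under [mysqld]
-- in the server configuration file and restart the server.
```

Any row from query 1 that is not locked and not using a socket-based plugin, and any row from query 3 belonging to an application account, is worth fixing first.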