3306 - MySQL

Default port: 3306/tcp open mysql

Connect

Local

mysql -u root # Connect to root without password
mysql -u root -p # A password will be asked (check someone)

Remote

mysql -h <Hostname> -u root
mysql -h <Hostname> -u root@localhost

External Enumeration

nmap -sV -p 3306 --script mysql-audit,mysql-databases,mysql-dump-hashes,mysql-empty-password,mysql-enum,mysql-info,mysql-query,mysql-users,mysql-variables,mysql-vuln-cve2012-2122 <IP>
msf> use auxiliary/scanner/mysql/mysql_version
msf> use auxiliary/scanner/mysql/mysql_authbypass_hashdump
msf> use auxiliary/scanner/mysql/mysql_hashdump #Creds
msf> use auxiliary/admin/mysql/mysql_enum #Creds
msf> use auxiliary/scanner/mysql/mysql_schemadump #Creds 
msf> use exploit/windows/mysql/mysql_start_up #Execute commands Windows, Creds

Write any binary data

CONVERT(unhex("6f6e2e786d6c55540900037748b75c7249b75"), BINARY)
CONVERT(from_base64("aG9sYWFhCg=="), BINARY)

A file with all the commands you want to execute

mysql -u username -p < manycommands.sql 
mysql -u root -h 127.0.0.1 -e 'show databases;'

Previous1521,1522-1529 - Oracle TNS Listener NextMySQL commands

Last updated 2 years ago