CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/auxiliary/scanner/mysql/mysql_authbypass_hashdump.md
Views: 1904
Description
This module exploits a password bypass vulnerability in MySQL in order to extract the usernames and encrypted password hashes from a MySQL server. These hashes are stored as loot for later cracking.
Impacts MySQL versions:
5.1.x before 5.1.63
5.5.x before 5.5.24
5.6.x before 5.6.6
And MariaDB versions:
5.1.x before 5.1.62
5.2.x before 5.2.12
5.3.x before 5.3.6
5.5.x before 5.5.23
Environment Setup
Docker
Verification Steps
Do:
use scanner/mysql/mysql_authbypass_hashdump
Do:
set RHOSTS [IP]
Do:
run