daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

mysql creds -update

patch-1
pussycat0x 2024-03-22 19:41:12 +05:30
parent f31b32622b
commit b151c4a41f
5 changed files with 30 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
javascript/audit/mysql/mysql-load-file.yaml
View File

@ -28,17 +28,15 @@ javascript:
payloads: payloads:
usernames: usernames:
- anonymous
- root - root
- admin - admin
- mysql - mysql
- nagiosxi - test
passwords: passwords:
- SqlServer0
- root - root
- cloudera
- admin - admin
- moves - mysql
- test
attack: clusterbomb attack: clusterbomb
stop-at-first-match: true stop-at-first-match: true

23
javascript/enumeration/mysql/mysql-default-login.yaml
View File

@ -28,13 +28,26 @@ javascript:
User: "{{usernames}}" User: "{{usernames}}"
Pass: "{{passwords}}" Pass: "{{passwords}}"
threads: 10 args:
attack: pitchfork Host: "{{Host}}"
Port: "3306"
Query: SELECT LOAD_FILE('/etc/passwd')
User: "{{usernames}}"
Pass: "{{passwords}}"
payloads: payloads:
usernames: helpers/wordlists/mysql-users.txt usernames:
passwords: helpers/wordlists/mysql-passwords.txt - root
stop-at-first-match: true - admin
- mysql
- test
passwords:
- root
- admin
- mysql
- test
-
attack: clusterbomb
matchers: matchers:
- type: dsl - type: dsl

8
javascript/enumeration/mysql/mysql-show-databases.yaml
View File

@ -27,17 +27,15 @@ javascript:
payloads: payloads:
usernames: usernames:
- anonymous
- root - root
- admin - admin
- mysql - mysql
- nagiosxi - test
passwords: passwords:
- SqlServer0
- root - root
- cloudera
- admin - admin
- moves - mysql
- test
attack: clusterbomb attack: clusterbomb
stop-at-first-match: true stop-at-first-match: true

8
javascript/enumeration/mysql/mysql-show-variables.yaml
View File

@ -27,17 +27,15 @@ javascript:
payloads: payloads:
usernames: usernames:
- anonymous
- root - root
- admin - admin
- mysql - mysql
- nagiosxi - test
passwords: passwords:
- SqlServer0
- root - root
- cloudera
- admin - admin
- moves - mysql
- test
attack: clusterbomb attack: clusterbomb
stop-at-first-match: true stop-at-first-match: true

8
javascript/enumeration/mysql/mysql-user-enum.yaml
View File

@ -29,17 +29,15 @@ javascript:
payloads: payloads:
usernames: usernames:
- anonymous
- root - root
- admin - admin
- mysql - mysql
- nagiosxi - test
passwords: passwords:
- SqlServer0
- root - root
- cloudera
- admin - admin
- moves - mysql
- test
attack: clusterbomb attack: clusterbomb
stop-at-first-match: true stop-at-first-match: true