daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/javascript/enumeration/mysql/mysql-default-login.yaml

49 lines
1.1 KiB
YAML
Raw Permalink Blame History

id: mysql-default-login
info:
name: MySQL - Default Login
author: DhiyaneshDk,pussycat0x,ritikchaddha
severity: high
description: |
A MySQL service was accessed with easily guessed credentials.
metadata:
verified: true
max-request: 21
shodan-query: "port:3306"
tags: js,mysql,default-login,network,fuzz,enum
javascript:
- pre-condition: |
isPortOpen(Host,Port);
code: |
var m = require("nuclei/mysql");
var c = m.MySQLClient();
c.Connect(Host,Port,User,Pass)
args:
Host: "{{Host}}"
Port: "3306"
User: "{{usernames}}"
Pass: "{{passwords}}"
payloads:
usernames:
- root
- admin
- mysql
- test
passwords:
- root
- admin
- mysql
- test
-
attack: clusterbomb
matchers:
- type: dsl
dsl:
- "response == true"
- "success == true"
condition: and
# digest: 4a0a0047304502207adcfc24d9e3c74929abb00b45b3f42e30ade1edda76da0e9768605cf7e06228022100fc831a5449c73d201e21efe1a73471db66ad40c120568f7445334832ba8a16c8:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink