49 lines
1.1 KiB
YAML
49 lines
1.1 KiB
YAML
id: mysql-default-login
|
|
|
|
info:
|
|
name: MySQL - Default Login
|
|
author: DhiyaneshDk,pussycat0x,ritikchaddha
|
|
severity: high
|
|
description: |
|
|
A MySQL service was accessed with easily guessed credentials.
|
|
metadata:
|
|
verified: true
|
|
max-request: 21
|
|
shodan-query: "port:3306"
|
|
tags: js,mysql,default-login,network,fuzz,enum
|
|
|
|
javascript:
|
|
- pre-condition: |
|
|
isPortOpen(Host,Port);
|
|
code: |
|
|
var m = require("nuclei/mysql");
|
|
var c = m.MySQLClient();
|
|
c.Connect(Host,Port,User,Pass)
|
|
|
|
args:
|
|
Host: "{{Host}}"
|
|
Port: "3306"
|
|
User: "{{usernames}}"
|
|
Pass: "{{passwords}}"
|
|
|
|
payloads:
|
|
usernames:
|
|
- root
|
|
- admin
|
|
- mysql
|
|
- test
|
|
passwords:
|
|
- root
|
|
- admin
|
|
- mysql
|
|
- test
|
|
-
|
|
attack: clusterbomb
|
|
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- "response == true"
|
|
- "success == true"
|
|
condition: and
|
|
# digest: 4a0a0047304502207adcfc24d9e3c74929abb00b45b3f42e30ade1edda76da0e9768605cf7e06228022100fc831a5449c73d201e21efe1a73471db66ad40c120568f7445334832ba8a16c8:922c64590222798bb761d5b6d8e72950 |