module
MySQL Authentication Bypass Password Dump
| Disclosed | Created |
|---|---|
| 06/09/2012 | 05/30/2018 |
Disclosed
06/09/2012
Created
05/30/2018
Description
This module exploits a password bypass vulnerability in MySQL in order
to extract the usernames and encrypted password hashes from a MySQL server.
These hashes are stored as loot for later cracking.
Impacts MySQL versions:
- 5.1.x before 5.1.63
- 5.5.x before 5.5.24
- 5.6.x before 5.6.6
And MariaDB versions:
- 5.1.x before 5.1.62
- 5.2.x before 5.2.12
- 5.3.x before 5.3.6
- 5.5.x before 5.5.23
to extract the usernames and encrypted password hashes from a MySQL server.
These hashes are stored as loot for later cracking.
Impacts MySQL versions:
- 5.1.x before 5.1.63
- 5.5.x before 5.5.24
- 5.6.x before 5.6.6
And MariaDB versions:
- 5.1.x before 5.1.62
- 5.2.x before 5.2.12
- 5.3.x before 5.3.6
- 5.5.x before 5.5.23
Authors
theLightCosine jcran
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use auxiliary/scanner/mysql/mysql_authbypass_hashdump
msf /(p) > show actions
...actions...
msf /(p) > set ACTION < action-name >
msf /(p) > show options
...show and set options...
msf /(p) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.