Listing MySQL users
MySQL servers support granular permissions to access databases. If we have credentials with access to the mysql.user
table, we could list all users in the MySQL server. This is the reason why it is important to configure user permissions to be as restrictive as possible.
The following recipe shows how to use Nmap to enumerate users in MySQL servers.
How to do it...
Open your terminal and enter the following command:
$ nmap -p3306 --script mysql-users --script-args mysqluser=<username>,mysqlpass=<password> <target>
If the credentials provided have access to the mysql.user
table, the user list will be included in the script output:
PORT STATE SERVICE 3306/tcp open mysql | mysql-users: | root | crm | web |_ admin
How it works...
The argument -p3306 --script mysql-users --script-argsmysqluser=<user>,mysqlpass=<pass>
make Nmap launch the mysql-users
script if a MySQL server is found on port 3306
.
The mysql-users...