diff --git a/helpers/wordlists/mysql-passwords.txt b/helpers/wordlists/mysql-passwords.txt
index c514e405ad8..8399b28165f 100644
--- a/helpers/wordlists/mysql-passwords.txt
+++ b/helpers/wordlists/mysql-passwords.txt
@@ -16,4 +16,5 @@ eLaStIx.asteriskuser.2oo7
 raspberry
 openauditrootuserpassword
 vagrant
-123qweASD#
\ No newline at end of file
+123qweASD#
+test
diff --git a/helpers/wordlists/mysql-users.txt b/helpers/wordlists/mysql-users.txt
index 37e33b4a7ec..d143406c003 100644
--- a/helpers/wordlists/mysql-users.txt
+++ b/helpers/wordlists/mysql-users.txt
@@ -4,4 +4,6 @@ cloudera
 moves
 mcUser
 dbuser
-asteriskuser
\ No newline at end of file
+asteriskuser
+mysql
+test
diff --git a/javascript/default-logins/mysql-default-login.yaml b/javascript/default-logins/mysql-default-login.yaml
index f40c068a9f4..b25240e2906 100644
--- a/javascript/default-logins/mysql-default-login.yaml
+++ b/javascript/default-logins/mysql-default-login.yaml
@@ -27,17 +27,8 @@ javascript:
       Pass: "{{passwords}}"
 
     payloads:
-      usernames:
-        - root
-        - admin
-        - mysql
-        - test
-      passwords:
-        - root
-        - admin
-        - mysql
-        - test
-        -
+      usernames: helpers/wordlists/mysql-users.txt
+      passwords: helpers/wordlists/mysql-passwords.txt
     attack: clusterbomb
 
     matchers:
@@ -46,4 +37,4 @@ javascript:
           - "response == true"
           - "success == true"
         condition: and
-# digest: 4a0a0047304502202e60c03105cba531fe84fd491ad25fc7cc97070adc3a43865bad78e1ba274f7d022100f26af1d4d6e117ac8cbe021961ba09bf1c3c29c18ee17d8e4d378d0ac634fd24:922c64590222798bb761d5b6d8e72950
\ No newline at end of file
+# digest: 4a0a0047304502202e60c03105cba531fe84fd491ad25fc7cc97070adc3a43865bad78e1ba274f7d022100f26af1d4d6e117ac8cbe021961ba09bf1c3c29c18ee17d8e4d378d0ac634fd24:922c64590222798bb761d5b6d8e72950