admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 07:43:27 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
3fb8041aa5f78efa7a9cfacaf56ea97dbcbeee96
nuclei-templates/javascript/default-logins/mysql-default-login.yaml

41 lines
1.1 KiB
YAML
Raw Blame History

id: mysql-default-login
info:
name: MySQL - Default Login
author: DhiyaneshDk,pussycat0x,ritikchaddha
severity: high
description: |
A MySQL service was accessed with easily guessed credentials.
metadata:
verified: true
max-request: 21
shodan-query: "port:3306"
tags: js,mysql,default-login,network,fuzz,enum,vuln
javascript:
- pre-condition: |
isPortOpen(Host,Port);
code: |
var m = require("nuclei/mysql");
var c = m.MySQLClient();
c.Connect(Host,Port,User,Pass)
args:
Host: "{{Host}}"
Port: "3306"
User: "{{usernames}}"
Pass: "{{passwords}}"
payloads:
usernames: helpers/wordlists/mysql-users.txt
passwords: helpers/wordlists/mysql-passwords.txt
attack: clusterbomb
matchers:
- type: dsl
dsl:
- "response == true"
- "success == true"
condition: and
# digest: 4a0a0047304502202e60c03105cba531fe84fd491ad25fc7cc97070adc3a43865bad78e1ba274f7d022100f26af1d4d6e117ac8cbe021961ba09bf1c3c29c18ee17d8e4d378d0ac634fd24:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink