mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-02-08 03:33:18 +08:00
45 lines
886 B
YAML
45 lines
886 B
YAML
id: mysql-db-enum
|
|
|
|
info:
|
|
name: MySQL Database - Enumeration
|
|
author: pussycat0x
|
|
severity: high
|
|
metadata:
|
|
shodan-query: port:3306
|
|
tags: js,mssql,network,enum,fuzz
|
|
|
|
javascript:
|
|
- code: |
|
|
let m = require('nuclei/mysql');
|
|
let c = m.MySQLClient();
|
|
let result = c.ConnectWithDB(Host,Port,User,Pass,dbName);
|
|
result;
|
|
|
|
args:
|
|
Host: "{{Host}}"
|
|
Port: "3306"
|
|
dbName: "{{db}}"
|
|
User: "{{usernames}}"
|
|
Pass: "{{passwords}}"
|
|
|
|
threads: 10
|
|
attack: pitchfork
|
|
|
|
stop-at-first-match: true
|
|
|
|
payloads:
|
|
db:
|
|
- information_schema
|
|
- performance_schema
|
|
- mysql
|
|
|
|
usernames: helpers/wordlists/mysql-users.txt
|
|
passwords: helpers/wordlists/mysql-passwords.txt
|
|
|
|
matchers:
|
|
- type: dsl
|
|
dsl:
|
|
- "response == true"
|
|
- "success == true"
|
|
condition: and
|