March 25, 2017 Karn Ganeshen

Metasploitable – Exploiting mysql service

root@kali:~# nmap -sV -n -p 3306 192.168.49.201

You can also use nmap scripts to gather more information.

Attempt to identify mysql root password.

Connect to mysql.

Use mysql load_file function to attempt reading contents of /etc/shadow file.

As seen above, shadow file could not be read. Let’s try and read /etc/passwd file.

 

Tagged: ,

Leave a Reply

Your email address will not be published. Required fields are marked *