Member-only story
Penetration Testing on MYSQL (Port 3306)
August 6, 2024 by Raj
MySQL is an open-source Relational Database Management System (RDBMS). It is widely used for managing and organizing data in a structured format, using tables to store the data. MySQL functions in a networked setup utilizing a client-server architecture. In this configuration, the MySQL server manages the database, while client applications connect to the server to execute tasks like querying and updating data. The interaction between the MySQL clients and the server is conducted over the TCP/IP protocol, with MySQL by default listening on port 3306.
Table of Contents
Lab setup
Installation
Connecting to MySQL server
Brute forcing MySQL credentials
Exploitation using Metasploit
Configuring a custom port
Conclusion
Lab setup
Target Machine: Ubuntu (192.168.31.205)
Attacker Machine: Kali Linux (192.168.31.141)
Installation
We are going to start with the MySQL server setup in the ubuntu machine. The command for installing the server is:
apt install mysql-server