@@ -18,30 +18,6 @@ Point the modules containing usernames and passwords, set our RHOSTS value, and
1818
1919```
2020msf > use auxiliary/scanner/mysql/mysql_login
21- msf auxiliary(mysql_login) > show options
22-
23- Module options (auxiliary/scanner/mysql/mysql_login):
24-
25- Name Current Setting Required Description
26- ---- --------------- -------- -----------
27- BLANK_PASSWORDS false no Try blank passwords for all users
28- BRUTEFORCE_SPEED 5 yes How fast to bruteforce, from 0 to 5
29- DB_ALL_CREDS false no Try each user/password couple stored in the current database
30- DB_ALL_PASS false no Add all passwords in the current database to the list
31- DB_ALL_USERS false no Add all users in the current database to the list
32- PASSWORD no A specific password to authenticate with
33- PASS_FILE /usr/share/wordlists/fasttrack.txt no File containing passwords, one per line
34- Proxies no A proxy chain of format type:host:port[,type:host:port][...]
35- RHOSTS yes The target address range or CIDR identifier
36- RPORT 3306 yes The target port (TCP)
37- STOP_ON_SUCCESS false yes Stop guessing when a credential works for a host
38- THREADS 1 yes The number of concurrent threads
39- USERNAME no A specific username to authenticate as
40- USERPASS_FILE no File containing users and passwords separated by space, one pair per line
41- USER_AS_PASS false no Try the username as the password for all users
42- USER_FILE no File containing usernames, one per line
43- VERBOSE true yes Whether to print output for all attempts
44-
4521msf auxiliary(mysql_login) > set PASS_FILE /tmp/passes.txt
4622PASS_FILE => /tmp/passes.txt
4723msf auxiliary(mysql_login) > set RHOSTS 192.168.1.200
0 commit comments