mailing list archives
Re: [NSE Script] MySQL Server Information
From: Fyodor <fyodor () insecure org>
Date: Tue, 18 Dec 2007 15:48:20 -0800
On Tue, Dec 18, 2007 at 11:44:40PM +0000, jah wrote:
On 18/12/2007 20:30, Thomas Buchanan wrote:
But then as Fyodor says,
On 18/12/2007 23:09, Fyodor wrote:
We have categories to deal with this issue. So a DB password checking
script would be good to have, but probably shouldn't be in the "safe"
So maybe we should complement MySQLinfo with an entirely separate script....
Well, if it is only testing a few common defaults and is unlikely to
cause DB lockouts, it is probably OK to include in a single script.
But yes, a major brute forcing script should probably be separate from
one which simply gathers some available information from the DB.
Sent through the nmap-dev mailing list
Archived at http://SecLists.Org