Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE Script] MySQL Server Information
From: Fyodor <fyodor () insecure org>
Date: Tue, 18 Dec 2007 15:48:20 -0800

On Tue, Dec 18, 2007 at 11:44:40PM +0000, jah wrote:
On 18/12/2007 20:30, Thomas Buchanan wrote:

But then as Fyodor says,
On 18/12/2007 23:09, Fyodor wrote:
We have categories to deal with this issue.  So a DB password checking
script would be good to have, but probably shouldn't be in the "safe"
So maybe we should complement MySQLinfo with an entirely separate script....

Well, if it is only testing a few common defaults and is unlikely to
cause DB lockouts, it is probably OK to include in a single script.
But yes, a major brute forcing script should probably be separate from
one which simply gathers some available information from the DB.


Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]