Home page logo
/
Zenmap screenshot
Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
Example Nmap output

File mysql-dump-hashes

Script types: portrule
Categories: auth, discovery, safe
Download: http://nmap.org/svn/scripts/mysql-dump-hashes.nse

User Summary

Dumps the password hashes from an MySQL server in a format suitable for cracking by tools such as John the Ripper. Appropriate DB privileges (root) are required.

The username and password arguments take precedence over credentials discovered by the mysql-brute and mysql-empty-password scripts.

Script Arguments

username

the username to use to connect to the server

password

the password to use to connect to the server

Example Usage

nmap -p 3306 <ip> --script mysql-dump-hashes --script-args='username=root,password=secret'

Script Output

PORT     STATE SERVICE
3306/tcp open  mysql
| mysql-dump-hashes:
|   root:*9B500343BC52E2911172EB52AE5CF4847604C6E5
|   debian-sys-maint:*92357EE43977D9228AC9C0D60BB4B4479BD7A337
|_  toor:*14E65567ABDB5135D0CFD9A70B3032C179A49EE7

Requires


Author: Patrik Karlsson

License: Same as Nmap--See http://nmap.org/book/man-legal.html

Nmap Site Navigation

Intro Reference Guide Book Install Guide
Download Changelog Zenmap GUI Docs
Bug Reports OS Detection Propaganda Related Projects
In the Movies In the News
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]