Script mysql-query

Script types: portrule
Categories: auth, discovery, safe
Download: https://svn.nmap.org/nmap/scripts/mysql-query.nse

Script Summary

Runs a query against a MySQL database and returns the results as a table.

Script Arguments

mysql-query.noheaders

do not display column headers (default: false)

mysql-query.query

the query for which to return the results

mysql-query.username

(optional) the username used to authenticate to the database server

mysql-query.password

(optional) the password used to authenticate to the database server

Example Usage

nmap -p 3306 <ip> --script mysql-query --script-args='query="<query>"[,username=<username>,password=<password>]'

Script Output

PORT     STATE SERVICE
3306/tcp open  mysql
| mysql-query:
|   host       user
|   127.0.0.1  root
|   localhost  debian-sys-maint
|   localhost  root
|   ubu1110    root
|
|   Query: SELECT host, user FROM mysql.user
|_  User: root

Requires

• mysql
• nmap
• shortport
• stdnse

---

Author:

• Patrik Karlsson

License: Same as Nmap--See https://nmap.org/book/man-legal.html