Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [NSE Script] MySQL Server Information

From: Fyodor <fyodor () insecure org>
Date: Tue, 18 Dec 2007 15:48:20 -0800
On Tue, Dec 18, 2007 at 11:44:40PM +0000, jah wrote:

On 18/12/2007 20:30, Thomas Buchanan wrote:

But then as Fyodor says,
On 18/12/2007 23:09, Fyodor wrote:

We have categories to deal with this issue.  So a DB password checking
script would be good to have, but probably shouldn't be in the "safe"
category.
  

So maybe we should complement MySQLinfo with an entirely separate script....


Well, if it is only testing a few common defaults and is unlikely to
cause DB lockouts, it is probably OK to include in a single script.
But yes, a major brute forcing script should probably be separate from
one which simply gathers some available information from the DB.

Cheers,
-F

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: