Results 1 to 6 of 6

Thread: Metasploit = mysql pen test

  1. #1
    Just burned his ISO
    Join Date
    Jun 2008
    Posts
    1

    Post Metasploit = mysql pen test

    hi people, my privs dont allow me to post in the specialists area so i have to post here i guess, i've scanned a mySQL server with nmap and since the last time i got into this server and we had it patched it's security has updated, but others are still breaking in and it's getting anoying.

    Nmap Results: No Open Ports
    Custom Port Scanner Results:
    53 Domain
    80 http
    135 Loc-SRV
    139 netbios
    445 is Microsoft DS
    1027-1028
    3306 mySQL database server
    3389 telnet

    i've tried a phew exploits i know will get in through 1027 but cant seem to
    pen, any ideas?

  2. #2
    Member Primey's Avatar
    Join Date
    Sep 2007
    Posts
    126

    Default

    so im guessing this MySQL Server is yours?
    "Family, Religion, Friends, those are the three demons you must face if you want to be successful in business"
    Montgomery Burns

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I hate to be a A$$hole but I never trust queries like this from people who cant use proper grammar and punctuation. Most serious computer people make a effort to write and spell correctly even in IRC or IM.

  4. #4
    Member Primey's Avatar
    Join Date
    Sep 2007
    Posts
    126

    Default

    Well pureh@te, we'll just have to wait and see

    this has the makings of a fine thread with directions to the Corner...but you never know
    "Family, Religion, Friends, those are the three demons you must face if you want to be successful in business"
    Montgomery Burns

  5. #5
    Senior Member
    Join Date
    Apr 2008
    Posts
    2,008

    Default

    Alright, lets see if I got it right.

    First of all this naturally is your own server, as you clearly state in your post, yet you need to use two different portscanners to tell you which ports you have opened up? The server's security has also updated on its own and now you can no longer hack your way in. On top of this you seem to be unable to just check which way the others are getting in and rather want us to tell you how to get in yourself than just patch up the security hole. I think we might just have a corner around here with your name on it
    -Monkeys are like nature's humans.

  6. #6
    Junior Member
    Join Date
    Mar 2007
    Posts
    54

    Default

    Quote Originally Posted by =Tron= View Post
    Alright, lets see if I got it right.

    First of all this naturally is your own server, as you clearly state in your post, yet you need to use two different portscanners to tell you which ports you have opened up? The server's security has also updated on its own and now you can no longer hack your way in. On top of this you seem to be unable to just check which way the others are getting in and rather want us to tell you how to get in yourself than just patch up the security hole. I think we might just have a corner around here with your name on it
    D0n't b3 harsh, just 'caus3 h3 1s 1337 y0u can't tak3 1t...

    And i'm sure he is rushing to give us a screen shot of him logged in as root on the server with this post in the background and of course the ip somewhere in the shot...

    I don't see where you get all this "black hat" shiz from, who would want to abuse this forum if they were a "black hat hacker"

    <&Messiah> I want to burn a white hat at defcon
    <&Messiah> for the laugh
    <@Stitchup> ROFL
    <@Stitchup> For the crack
    <@Stitchup> LOL
    * %weekend (police@your.door) Quit (Quit: </irc>)
    <&Gumbie> have to dress the white hat up as Barney the Dinosour first
    <&Messiah> Gumbie: I meant a white hat, as in the accessory. I don't want to get done for murder
    OIC...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •