|
1 | 1 | #!/bin/bash |
2 | 2 |
|
3 | | -$ sudo docker exec dvwa-vulnerable-mysql mysqld --verbose --help | grep -A1 "Default Options" |
4 | | -250913 20:34:28 [Warning] Using unique option prefix key_buffer instead of key_buffer_size is deprecated and will be removed in a future release. Please use the full name instead. |
5 | | -250913 20:34:28 [Warning] Insecure configuration for --secure-file-priv: Current value does not restrict location of generated files. Consider setting it to a valid, non-empty path. |
6 | | -250913 20:34:28 [Note] mysqld (mysqld 5.5.62-0ubuntu0.14.04.1) starting as process 288 ... |
7 | | -250913 20:34:28 [Warning] Using unique option prefix myisam-recover instead of myisam-recover-options is deprecated and will be removed in a future release. Please use the full name instead. |
8 | | -250913 20:34:28 [Note] Plugin 'FEDERATED' is disabled. |
| 3 | +$ sudo docker exec -it dvwa-vulnerable-mysql mysql -uroot -ppassword |
| 4 | +Welcome to the MySQL monitor. Commands end with ; or \g. |
| 5 | +Your MySQL connection id is 11 |
| 6 | +Server version: 5.5.62-0ubuntu0.14.04.1 (Ubuntu) |
| 7 | + |
| 8 | +Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved. |
| 9 | + |
| 10 | +Oracle is a registered trademark of Oracle Corporation and/or its |
| 11 | +affiliates. Other names may be trademarks of their respective |
| 12 | +owners. |
| 13 | + |
| 14 | +Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. |
| 15 | + |
| 16 | +mysql> show GRANTS FOR 'dvwa'@'%'; |
| 17 | ++-----------------------------------------------------------------------------------------------------+ |
| 18 | +| Grants for dvwa@% | |
| 19 | ++-----------------------------------------------------------------------------------------------------+ |
| 20 | +| GRANT USAGE ON *.* TO 'dvwa'@'%' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7' | |
| 21 | +| GRANT ALL PRIVILEGES ON `dvwa`.* TO 'dvwa'@'%' | |
| 22 | ++-----------------------------------------------------------------------------------------------------+ |
| 23 | +2 rows in set (0.00 sec) |
| 24 | + |
| 25 | +mysql> GRANT FILE ON *.* TO 'dvwa'@'%'; |
| 26 | +Query OK, 0 rows affected (0.00 sec) |
| 27 | + |
| 28 | +mysql> FLUSH PRIVILEGES; |
| 29 | +Query OK, 0 rows affected (0.00 sec) |
| 30 | + |
| 31 | +mysql> show GRANTS FOR 'dvwa'@'%'; |
| 32 | ++----------------------------------------------------------------------------------------------------+ |
| 33 | +| Grants for dvwa@% | |
| 34 | ++----------------------------------------------------------------------------------------------------+ |
| 35 | +| GRANT FILE ON *.* TO 'dvwa'@'%' IDENTIFIED BY PASSWORD '*196BDEDE2AE4F84CA44C47D54D78478C7E2BD7B7' | |
| 36 | +| GRANT ALL PRIVILEGES ON `dvwa`.* TO 'dvwa'@'%' | |
| 37 | ++----------------------------------------------------------------------------------------------------+ |
| 38 | +2 rows in set (0.00 sec) |
| 39 | + |
| 40 | +mysql> |
| 41 | + |
9 | 42 |
|
10 | 43 |
|
11 | 44 | # Script Name: dvwa-pentest-lab.sh |
|
0 commit comments