mysql-audit
脚本使用类型:
portrule
脚本所属分类:
discovery, safe
脚本下载地址: http://nmap.org/svn/scripts/mysql-audit.nse
Audits MySQL database server security configuration against parts of the CIS MySQL v1.0.2 benchmark (the engine can be used for other MySQL audits by creating appropriate audit files).
the password with which to connect to the database
the username with which to connect to the database
the name of the file containing the audit rulebase
执行格式
nmap -p 3306 --script mysql-audit --script-args "mysql-audit.username='root', \ mysql-audit.password='foobar',mysql-audit.filename='nselib/data/mysql-cis.audit'"
PORT STATE SERVICE 3306/tcp open mysql | mysql-audit: | CIS MySQL Benchmarks v1.0.2 | 3.1: Skip symbolic links => PASS | 3.2: Logs not on system partition => PASS | 3.2: Logs not on database partition => PASS | 4.1: Supported version of MySQL => REVIEW | Version: 5.1.54-1ubuntu4 | 4.4: Remove test database => PASS | 4.5: Change admin account name => FAIL | 4.7: Verify Secure Password Hashes => PASS | 4.9: Wildcards in user hostname => FAIL | The following users were found with wildcards in hostname | root | super | super2 | 4.10: No blank passwords => PASS | 4.11: Anonymous account => PASS | 5.1: Access to mysql database => REVIEW | Verify the following users that have access to the MySQL database | user host | root localhost | root patrik-11 | root 127.0.0.1 | debian-sys-maint localhost | root % | super % | 5.2: Do not grant FILE privileges to non Admin users => REVIEW | The following users were found having the FILE privilege | super | super2 | 5.3: Do not grant PROCESS privileges to non Admin users => REVIEW | The following users were found having the PROCESS privilege | super | 5.4: Do not grant SUPER privileges to non Admin users => REVIEW | The following users were found having the SUPER privilege | super | 5.5: Do not grant SHUTDOWN privileges to non Admin users => REVIEW | The following users were found having the SHUTDOWN privilege | super | 5.6: Do not grant CREATE USER privileges to non Admin users => REVIEW | The following users were found having the CREATE USER privilege | super | 5.7: Do not grant RELOAD privileges to non Admin users => REVIEW | The following users were found having the RELOAD privilege | super | 5.8: Do not grant GRANT privileges to non Admin users => PASS | 6.2: Disable Load data local => FAIL | 6.3: Disable old password hashing => PASS | 6.4: Safe show database => FAIL | 6.5: Secure auth => FAIL | 6.6: Grant tables => FAIL | 6.7: Skip merge => FAIL | 6.8: Skip networking => FAIL | 6.9: Safe user create => FAIL | 6.10: Skip symbolic links => FAIL | |_ The audit was performed using the db-account: root
Author: Patrik Karlsson
License: VER007 整理 http://www.ver007.com