MySQL
Nmap discovered a MySQL server on the target port 3306
┌──(kali㉿kali)-[~/archive/htb/labs/love]
└─$ mysql -h $IP -u root
error 1130 (hy000): Host '10.10.14.17' is not allowed to connect to this MariaDB server
┌──(kali㉿kali)-[~/archive/htb/labs/love]
└─$ mysql -h love -u root@localhost
error 1130 (hy000): Host '10.10.14.17' is not allowed to connect to this MariaDB serverThe target MySQL service does not allow remote authentication
┌──(kali㉿kali)-[~/archive/htb/labs/love]
└─$ nmap -sV -p 3306 --script mysql-audit,mysql-databases,mysql-dump-hashes,mysql-empty-password,mysql-enum,mysql-info,mysql-query,mysql-users,mysql-variables,mysql-vuln-cve2012-2122 $IP
starting nmap 7.94 ( https://nmap.org ) at 2023-09-16 18:30 CEST
Nmap scan report for love (10.10.10.239)
Host is up (0.025s latency).
PORT STATE SERVICE VERSION
3306/tcp open mysql?
| mysql-enum:
| accounts: No valid accounts found
|_ statistics: Performed 10 guesses in 1 seconds, average tps: 10.0
|_mysql-empty-password: Host '10.10.14.17' is not allowed to connect to this MariaDB server
| fingerprint-strings:
| null:
|_ Host '10.10.14.17' is not allowed to connect to this MariaDB server
1 service unrecognized despite returning data. if you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
sf-port3306-tcp:V=7.94%I=7%D=9/16%Time=6505D82A%P=x86_64-pc-linux-gnu%r(NU
sf:LL,4A,"F\0\0\x01\xffj\x04Host\x20'10\.10\.14\.17'\x20is\x20not\x20allow
sf:ed\x20to\x20connect\x20to\x20this\x20MariaDB\x20server");
service detection performed. please report any incorrect results at https://nmap.org/submit/ .
nmap done: 1 IP address (1 host up) scanned in 2.00 seconds