Nmap mysql-users NSE Script


This page contains detailed information about how to use the mysql-users NSE script. For list of all NSE scripts, visit the Nmap NSE Library.

Script Overview

Script source code: https://github.com/nmap/nmap/tree/master/scripts/mysql-users.nse
Script categories: auth, intrusive
Target service / protocol: mysql
Target network port(s): 3306
List of CVEs: -

Script Description

The mysql-users.nse script attempts to list all users on a MySQL server.

Mysql-users NSE Script Arguments

This is a full list of arguments supported by the mysql-users.nse script:

mysqlpass

The password to use for authentication. If unset it attempts to use credentials found by mysql-brute or mysql-empty-password.

mysqluser

The username to use for authentication. If unset it attempts to use credentials found by mysql-brute or mysql-empty-password.

- - -
To use these script arguments, add them to the Nmap command line using the --script-args arg1=value,[arg2=value,..] syntax. For example:

nmap --script=mysql-users --script-args mysqlpass=value,mysqluser=value <target>

Mysql-users NSE Script Example Usage

Here's an example of how to use the mysql-users.nse script:

nmap --script=mysql-users <target>

Mysql-users NSE Script Example Output

Here's a sample output from the mysql-users.nse script:

3306/tcp open  mysql
| mysql-users:
|   test
|   root
|   test2
|   album
|   debian-sys-maint
|   horde
|   mediatomb
|_  squeezecenter

Mysql-users NSE Script Example XML Output

There is no sample XML output for this module. However, by providing the -oX <file> option, Nmap will produce a XML output and save it in the file.xml file.

Author

  • Patrik Karlsson

References

See Also

Related NSE scripts to the mysql-users.nse script:

Visit Nmap NSE Library for more scripts.

Version

This page has been created based on Nmap version 7.92.