Chapter 15. Assessing Data Stores
Databases, key-value stores, and other systems are used to cache and serve data. Attackers often compromise data stores by abusing weaknesses within their configuration, authenticating with valid credentials, and escalating privileges.
The data stores described in this chapter include relational and nonrelational databases, file service protocols, distributed file systems, and key-value stores. Table 15-1 lists implementations, service ports, and tool support within Kali Linux.
Name | Port | Protocol (TCP) | Protocol (UDP) | Nmap | MSF [a] | Hydra
---|---|---|---|---|---|---
MySQL | 3306 | ● | – | ● | ● | ●
PostgreSQL | 5432 | ● | – | ● | ● | ●
Microsoft SQL Server | 1433 | ● | – | ● | ● | ●
Microsoft SQL Server | 1434 | – | ● | ● | ● | –
Oracle Database | 1521 | ● | – | ● | ● | ●
MongoDB | 27017 | ● | – | ● | ● | –
Redis | 6379 | ● | – | ● | ● | ●
Memcached | 11211 | ● | ● | ● | ● | –
Hadoop MapReduce | 50030 | ● | – | ● | – | –
Hadoop MapReduce | 50060 | ● | – | ● | – | –
Hadoop HDFS | 50070 | ● | – | ● | – | –
Hadoop HDFS | 50075 | ● | – | ● | – | –
Hadoop HDFS | 50090 | ● | – | ● | – | –
NFS | 2049 | ● | ● | ● | ● | –
AFP | 548 | ● | – | ● | ● | ●
iSCSI | 3260 | ● | – | ● | – | –

[a] Metasploit Framework
MySQL
MySQL is commonly found listening on TCP port 3306 of both Unix- and Windows-based servers. Nmap fingerprints the service, as demonstrated by Example 15-1. NVD lists a number of severe, unauthenticated, remotely exploitable vulnerabilities in MySQL at the time of writing, as listed in Table 15-2.
Example 15-1. MySQL service fingerprinting via ...
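The following is an added illustration, not the book's Example 15-1 and not Nmap's code: it parses the MySQL HandshakeV10 greeting, which a server sends before any authentication, to show which fields a fingerprinting tool reads and an exposure review should expect to be visible. The greeting bytes are constructed for the example (the version string, connection id, and scramble bytes are placeholders), and the function names are hypothetical.

```python
import struct

CLIENT_SSL = 0x00000800          # server offers TLS
CLIENT_PLUGIN_AUTH = 0x00080000  # greeting names an auth plugin


def build_sample_greeting():
    """Constructed HandshakeV10 packet; not captured from a real server."""
    caps = CLIENT_PLUGIN_AUTH | CLIENT_SSL | 0x8200  # plus 4.1 protocol/auth bits
    payload = (
        b"\x0a" + b"8.0.0-constructed\x00"     # protocol 10, version string
        + struct.pack("<I", 42)                # connection id
        + b"AAAAAAAA\x00"                      # scramble part 1 + filler
        + struct.pack("<HBHH", caps & 0xFFFF, 0xFF, 0x0002, caps >> 16)
        + b"\x15" + b"\x00" * 10               # auth data length 21, reserved
        + b"BBBBBBBBBBBB\x00"                  # scramble part 2 (13 bytes)
        + b"caching_sha2_password\x00"         # auth plugin name
    )
    return len(payload).to_bytes(3, "little") + b"\x00" + payload  # length + seq 0


def parse_greeting(packet):
    """Return what a MySQL server discloses before any authentication."""
    length = int.from_bytes(packet[:3], "little")
    payload = packet[4:4 + length]
    if len(packet) < 5 or len(payload) != length:
        raise ValueError("truncated packet")
    if payload[0] == 0xFF:  # ERR packet, e.g. client host not permitted
        code, = struct.unpack_from("<H", payload, 1)
        return {"error_code": code, "message": payload[3:].decode("latin-1")}
    if payload[0] != 10:
        raise ValueError("not a HandshakeV10 greeting")
    end = payload.index(b"\x00", 1)
    version = payload[1:end].decode("ascii", "replace")
    pos = end + 1
    conn_id, = struct.unpack_from("<I", payload, pos)
    pos += 4 + 8 + 1  # connection id, scramble part 1, filler
    low, _charset, _status, high, auth_len = struct.unpack_from("<HBHHB", payload, pos)
    pos += 8 + 10     # fixed fields above, then 10 reserved bytes
    caps = low | (high << 16)
    plugin = None
    if caps & CLIENT_PLUGIN_AUTH:
        pos += max(13, auth_len - 8)  # skip scramble part 2
        plugin = payload[pos:].split(b"\x00", 1)[0].decode("ascii", "replace")
    return {"server_version": version, "connection_id": conn_id,
            "tls_offered": bool(caps & CLIENT_SSL), "auth_plugin": plugin}
```

Calling `parse_greeting(build_sample_greeting())` returns the version string, connection id, TLS capability, and default authentication plugin, all of which are readable by any host that can reach the port.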