Chapter 15. Assessing Data Stores

Databases, key-value stores, and other systems are used to cache and serve data. Attackers often compromise data stores by abusing weaknesses within their configuration, authenticating with valid credentials, and escalating privileges.

The data stores described in this chapter include relational and nonrelational databases, file service protocols, distributed file systems, and key-value stores. Table 15-1 lists implementations, service ports, and tool support within Kali Linux.

Table 15-1. Storage systems detailed in this chapter
Name Port Protocol Nmap MSFa Hydra
TCP UDP
MySQL 3306

PostgreSQL 5432

Microsoft SQL Server

1433

1434

Oracle Database 1521

MongoDB 27017

Redis 6379

Memcached 11211

Hadoop MapReduce

50030

50060

HDFS

50070

50075

50090

NFS 2049

AFP 548

iSCSI 3260

a Metasploit Framework

MySQL

MySQL is commonly found listening on TCP port 3306 of both Unix- and Windows-based servers. Nmap fingerprints the service, as demonstrated by Example 15-1. NVD lists a number of severe, unauthenticated, remotely exploitable vulnerabilities in MySQL at the time of writing, as listed in Table 15-2

Example 15-1. MySQL service fingerprinting via ...

Get Network Security Assessment, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.