Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "MySQL - Dump Files" module is designed to detect the presence of MySQL dump files. It targets MySQL databases and helps identify potential misconfigurations or vulnerabilities. This module is classified as medium severity.
MySQL dump files can expose sensitive information, including database structure and data. If these files are accessible to unauthorized users, it can lead to data breaches, unauthorized access, or even data manipulation.
The "MySQL - Dump Files" module works by sending HTTP requests to specific paths commonly used for MySQL dump files. It uses matching conditions to determine if a file is a MySQL dump file. The module checks for the presence of SQL statements such as DROP, CREATE, UNLOCK, and INSERT INTO in the response body. It also verifies that the HTTP response status is either 200 or 206.
Here is an example of an HTTP request sent by the module:
GET /1.sql HTTP/1.1
Host: example.com
Range: bytes=0-3000
The module matches the response against the following conditions:
- The response body must contain SQL statements such as DROP, CREATE, UNLOCK, or INSERT INTO. - The HTTP response status must be either 200 or 206.If both conditions are met, the module identifies the file as a MySQL dump file.
Range: bytes=0-3000