Certain scripts related to DBMS use data files to store common, related strings and fingerprints to perform security audits. If you normally work with Oracle environments, I highly recommend updates to the following files.
The mysql-cis.audit
file inside your Nmap data directory contains configuration checks described in the CIS MySQL v1.0.2 benchmark. It is used by the mysql-audit
script to perform configuration checks by carrying out a series of tests. A test looks like this:
-- Logging test { id="3.1", desc="Skip symbolic links", sql="SHOW variables WHERE Variable_name = 'log_error' AND Value IS NOT NULL", check=function(rowstab) return { status = not(isEmpty(rowstab[1])) } end }
You may set the mysql-audit
script argument to select an alternate database:
$nmap -sV --script mysql-audit --script-args mysql-audit.filename=/pentest/mysql.audit <target>
Tip
The official documentation for the mysql-audit
script can be found at http://nmap.org/nsedoc...