WinMysqladmin 1.1 Stall mysql password vulnerabilities in bright text
Article Source:
Program:
WinMysqladmin
Details:
WinMysqladmin is a MySQL management software, and found that it stores mysql in bright text. The password is in the c:winntmy.ini file.
---
#This File was made using the WinMySQLadmin 1.1 Tool
[mysqld]
basedir=C:/mysql
datadir=C: /mysql/data
[WinMySQLadmin]
Server=C:/mysql/bin/mysqld-nt.exe
user=admin
password=XXXXX (in clear text)
QueryInterval=30
---
Exploiting this vulnerability, if a remote attacker can traverse the affected system, it is possible to obtain database administrator privileges. Such as:
http://packetstormsecurity.org/9905-exploits/ms.iis4.showcode.txt
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
