Admin Acc On l2 private server

ptitlaby · June 29, 2009

Ok I read the whole post and I need some explanations, so I'll write what I understood, tell me if I'm wrong :)

This exploit use the fact that admins often choose root/root as login/mdp and the default port for Mysql Db is 3306. If the login/mdp is not root/root, we must use a Bruteforcer to find the mdp.

You gived a Wordlist and some links for some Bruteforcer, what is the approximate time for you to break a pwd (with a $$$$$ Computer or a Standart Computer ?)

The Default port for Mysql Db is always 3306 ? If not we must scan ports, I guess I must find all ports which are open ?

Thanks for your help, I still have some errors with Navicat (oftenly the 10061 error) but I'll suceed ^^

Emrys · June 29, 2009

yes you are correct.

ptitlaby · June 29, 2009

Ty TheEnd

I found that my error 10061 comes from the fact that serveur doesn't accept external connections. Is it possible to avoid that ? I thought of using this server as proxy and then launch Navicat

Emrys · June 29, 2009

No you cant..

xXSkillerXx · June 29, 2009