Metasploit, NMAP, Port Scanning

Discover open mysql ports

MySQL listens on port 3306 by default. You can discover MySQL servers either with nmap or with one of Metasploit's auxiliary modules.
The NMAP way
Nmap is a free and open source network discovery and security auditing utility. It can discover open ports, running services, operating system version and much more.

To discover open MySQL ports we use nmap in this way:

nmap -sT -sV -Pn -n -p 3306


-sT: TCP connect scan
-sV: determine service version information
-Pn: skip host discovery (treat all hosts as up)
-p 3306: scan port 3306
-n: no DNS resolution
Scanning the whole network

nmap -sT -sV -Pn --open -p 3306


--open: show only open ports

The Metasploit way
Metasploit offers the auxiliary module mysql_version, which enumerates the version of running MySQL servers.

To use it type:

use auxiliary/scanner/mysql/mysql_version

To use this scanner you have to set its options. Type:

show options

to see a list of the available options.

Set the RHOSTS parameter:





Set the RPORT parameter to a different value if you believe that the MySQL server is listening on a different port:

set RPORT 3333


Increase the THREADS value for faster scanning:

set THREADS 50


Now, just type:


and hit enter.
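Both nmap -sV and mysql_version get the version by reading the greeting packet a MySQL server sends as soon as a client connects, before any authentication. The following Python script is an added example (not code from the article or from either tool): it reads that greeting from a host and parses the protocol-10 handshake, and it also handles the ERR packet a server returns to a host it does not allow to connect, which identifies the service but hides the version. The version string, connection id and error message in the sample packets are constructed, not captured from a real server.

```python
"""Parse the MySQL initial handshake (protocol v10) a server sends on connect.

Sample packets at the bottom are constructed for this example, not captures."""
import socket
import struct

def read_mysql_greeting(host, port=3306, timeout=3.0):
    """Connect and return the raw first packet (4-byte header + payload) the server sends."""
    with socket.create_connection((host, port), timeout=timeout) as s, s.makefile("rb") as f:
        header = f.read(4)                              # 3-byte LE length + sequence id
        length = int.from_bytes(header[:3], "little")
        return header + f.read(length)

def parse_mysql_greeting(packet):
    """Return a dict describing a v10 handshake, or the ERR packet sent in its place."""
    length = int.from_bytes(packet[:3], "little")
    payload = packet[4:4 + length]
    if payload[0] == 0xFF:
        # ERR instead of a greeting (e.g. client host not allowed to connect):
        # the port is still MySQL, but no version string is disclosed.
        code = struct.unpack_from("<H", payload, 1)[0]
        return {"error_code": code, "message": payload[3:].decode("utf-8", "replace")}
    if payload[0] != 10:
        raise ValueError("unsupported handshake protocol version %d" % payload[0])
    end = payload.index(b"\x00", 1)                     # server_version is NUL-terminated
    version = payload[1:end].decode("ascii", "replace")
    pos = end + 1
    connection_id = struct.unpack_from("<I", payload, pos)[0]
    pos += 4 + 8 + 1                                    # connection id, auth-data part 1, filler
    cap_low = struct.unpack_from("<H", payload, pos)[0]
    charset, status, cap_high = struct.unpack_from("<BHH", payload, pos + 2)
    capabilities = cap_low | (cap_high << 16)
    return {"version": version, "connection_id": connection_id, "status": status,
            "capabilities": capabilities, "ssl": bool(capabilities & 0x0800)}  # CLIENT_SSL

# Constructed samples: a 5.5-style greeting, and the ERR a server sends to a disallowed host.
_greeting = (b"\x0a" + b"5.5.28-log\x00" + (1234).to_bytes(4, "little")
             + b"ABCDEFGH\x00" + b"\xf7\xff" + b"\x08" + b"\x02\x00" + b"\x0f\x80"
             + b"\x15" + b"\x00" * 10 + b"IJKLMNOPQRST\x00" + b"mysql_native_password\x00")
SAMPLE_GREETING = len(_greeting).to_bytes(3, "little") + b"\x00" + _greeting
_err = (b"\xff" + (1130).to_bytes(2, "little")
        + b"Host '10.0.0.5' is not allowed to connect to this MySQL server")
SAMPLE_ERR = len(_err).to_bytes(3, "little") + b"\x00" + _err
```

Run parse_mysql_greeting(read_mysql_greeting(host)) against a host you are authorised to scan; the "ssl" flag tells you whether the server advertises TLS, which is worth checking when inventorying database servers on your own network.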

Published in Hakin9 magazine on October 25, 2012