I already have a Testing Ubuntu 16.04 LTS Linux server with a Testing MySQL database and a Testing phpMyAdmin 4.8.4. The vulnerability scan report generated by Nessus Web Application Tests shows that our customer is using a version of phpMyAdmin prior to 4.8.5 which could be vulnerable to SQL injection using the designer feature.įurther research shows that I can use sqlmap to determine if phpMyAdmin is SQL injectable.
SSH DOWNLOAD PHPMYADMIN 16.04 TRIAL
I took the initiative of downloading and installing Nessus Professional 8.3.1 Trial version for Windows 64-bit. Since we did not find any evidence that the hacker had breached our customer's Ubuntu 16.04 LTS production server through ssh or Teamviewer, we suspect that the hacker could have achieved it by SQL injection. In fact, I have already deployed ModSecurity 2.9.0 on a Ubuntu 16.04 LTS *Testing* server and found that it actively detects and logs Nessus and sqlmap vulnerability scans in blocking mode.
SSH DOWNLOAD PHPMYADMIN 16.04 INSTALL
I have already proposed to install ModSecurity Open Source Web Application Firewall (WAF) to defend against web application attacks but my boss has told me to put that on hold at the moment. We have also found nothing abnormal after examining /var/log/apache2/access.log.Įven though we have secured the Ubuntu Linux server by changing passwords, the hacker was still able to delete our customer's MySQL database again and again. From /var/log/mysql/error.log, we can ascertain that the MySQL database has been deleted at certain timings. We have also examined /var/log/auth.log and think that the hacker could not have come in through ssh or sftp over ssh. We responded to these security incidents by changing the passwords of the regular user, root user, and MySQL database user root. They are using Ubuntu 16.04 LTS Linux server with Apache2 Web Server, MySQL and PHP (LAMP). Our customer (company name is Confidential/not disclosed) reported that their MySQL database has been found missing or was deleted a few times. Subject/Topic: How do I determine if versions of phpMyAdmin before 4.8.5 is SQL Injectable using sqlmap? Spf=none (sender IP is ) smtp.mailfrom= Thread-index: How do I determine if versions of phpMyAdmin before 4.8.5 is SQL Injectable using sqlmap?
0 kommentar(er)
