MySQL5.7.11密碼破解
系統環鏡:rhat 6.5
MySQL版本: rpm包Server version 5.7.11-log MySQL Community Server(GPL)和5.7.14等5,7版本都適用。
應用場景:曾經設置過root用戶的圖碼,但是忘記了需要通過跳過密碼授權的方式來破解密碼,登錄系塊,重新修改密碼。
破解密碼的原理:
跳過授權表->刷新權限->修改密碼->重新登錄
操作過程:
1、以跳過MySQL授權的方式進入MSQL數據庫(前提是如果配置文件中指定了關閉密碼策略參數,需要把這行注釋掉),此時任何用戶都可以無密碼登錄數據庫。
# mysqld safe --skip-grant-tables
1、登錄MSQL數據庫,修改數據庫密碼
如果直接設置密碼會報錯,在跳過授權表的狀態下無法設置密碼
mysql> set password=password(‘123456’);
ERROR 1290(HY000): The MysQL server is running with the --skip-grant-tables option so it cannot execute this statement
需要先刷新權限表
# mysql
welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.11-log MySQL Community Server (GPL)
Copyright(c) 2000, 2016, Oracle and /or its affiliates, All rights reserved
8. Oracle is a registered trademark of Oracle Corporation and/or its
affiliates, other n
may be trademarks of their respective
h' for help. Typ
to clear the current input stateme
mysql> flush privileges;
mysql> alter user ‘root’@’localhost’ identified by ‘123456’;
Query OK, 0 rows affected (0.04 sec)
mysql> quit
重新以新密碼登錄MySQL數據庫
mysql> mysql -uroot -p123456
mysql: [Warning using a password on the command line interface can be insecure
welcome to the Hy SQL monitor. Commands end with or \g
4. Your MysQL connection id is 3
5. Server version: 5.7.- log MysQL Community Server (GPL)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved
Oracle is a registered trademark of oracle Corporation and/or its
10. affiliates, other names may be trademarks of their respective
Type help:' '\h' for help. Type '\c to clear the current input statement
mysql>
登錄成功!!!
MySQL5.6.26密碼破解
系統環境:rhat6.5
MySQL版本:源碼包: 5.6.26 source
rpm5,6,34版本已經測試過!
系統狀態:已經安裝完MySQL5.6.26,但是忘記密碼無法進入MySQL數據庫。
# mysql -P3306 -h127.0.0.1
Access denied for user root 'a localhost(using password: NO)
操作步驟:
1,以跳過授權表的方式登錄MySQL數據庫:
# netstat -tnulp | grep 330
# mysqld_safe --skip-slave-start &
[1] 13540
# 160928 19:49: 08 mysqld_safe Logging to ‘/usr/local/mysql/data/slavel.err’.
160928 19: 49: 08 mysqld_safe Starting mysqld daemon with databases from /usr/local/mysql/data
# netstat -tnulp | grep 330
tcp 0 0 :::3306 :::* LISTEN 13768/mysqld
此時可以通過無密碼方式進入MySQL數據庫
# mysql -P3306 -h127.0.0.1
Warning: Using a password on the command line interf
3. Welcome to the Hy SQL monitor.
ds end with i or \g
Your NysQL connection id is 6
Server version: 5.6.- log Source distribution
Copyright (c) 2eee, 2015, Oracle and/or its affiliates. All rights reserved
Oracle is a registered trademark of Oracle Corporation and/ or its
10. affiliates. other names may be trademarks of their respective
13. Type help: orth for help. Type \c to clear the current input statement
mysql>
刷新權限,重設密碼
mysql> flush privileges;
Query OK, a rows affected (0.ee sec)
mysql> grant all on *.* to 'root'@’localhost’ identified by ‘123456’;
Query OK, 0 rows affected (0. ee sec)
11). 如何判斷一個MySQL是否關閉完整
(端口、進程、pid文件、sock)
12). 初始化數據庫的基本命令
(1). 相對比較舊的版本:
#mydql_install_db --datadir=datadir數據文件路徑
(2). 相對比較新的版本:
#mysql --initialize --datadir=datadir數據文件路徑 &
初始化完成之后,將datadir下面的文件和目錄改成mysql:mysql
然后啟動mysql數據庫:#mysql_safe --defaults-file=/etc/my.cnf &
13). 登錄數據庫(使用臨時密碼)
14). 使用alter user修改密碼
15). 重新登錄測試密碼
16). 如果密碼找不到或者密碼不對,5.6和5.6破解密碼的方式不太一樣,但是都可以破解