• caglararli@hotmail.com
  • 05386281520

Conducting a proof-of-concept attack on an open MySQL port

Çağlar Arlı      -    15 Views

Conducting a proof-of-concept attack on an open MySQL port

I am not very experienced nor do I have acceptable knowledge, that is why I have signed up to work on a small project to gain some experience, where they don't seem to care about security much.

After running a scan, I noticed that they have many unnecessary open ports (including MySQL server: 3306) and are horrifically vulnerable.

I want to somehow show them that what they think is a passive thing is a great way of exploiting their system, but I am not looking to run a full penetration or Thread Emulation test, since I am not that experienced to go through these.

Is there any way to access their database without causing them harm, just to notify them about the situation?