MySQL5.7.11密码破解
系统环镜:rhat 6.5
MySQL版本: rpm包Server version 5.7.11-log MySQL Community Server(GPL)和5.7.14等5,7版本都适用。
应用场景:曾经设置过root用户的图码,但是忘记了需要通过跳过密码授权的方式来破解密码,登录系块,重新修改密码。
破解密码的原理:
跳过授权表->刷新权限->修改密码->重新登录
操作过程:
1、以跳过MySQL授权的方式进入MSQL数据库(前提是如果配置文件中指定了关闭密码策略参数,需要把这行注释掉),此时任何用户都可以无密码登录数据库。
# mysqld safe --skip-grant-tables
1、登录MSQL数据库,修改数据库密码
如果直接设置密码会报错,在跳过授权表的状态下无法设置密码
mysql> set password=password(‘123456’);
ERROR 1290(HY000): The MysQL server is running with the --skip-grant-tables option so it cannot execute this statement
需要先刷新权限表
# mysql
welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 2
Server version: 5.7.11-log MySQL Community Server (GPL)
Copyright(c) 2000, 2016, Oracle and /or its affiliates, All rights reserved
8. Oracle is a registered trademark of Oracle Corporation and/or its
affiliates, other n
may be trademarks of their respective
h' for help. Typ
to clear the current input stateme
mysql> flush privileges;
mysql> alter user ‘root’@’localhost’ identified by ‘123456’;
Query OK, 0 rows affected (0.04 sec)
mysql> quit
重新以新密码登录MySQL数据库
mysql> mysql -uroot -p123456
mysql: [Warning using a password on the command line interface can be insecure
welcome to the Hy SQL monitor. Commands end with or \g
4. Your MysQL connection id is 3
5. Server version: 5.7.- log MysQL Community Server (GPL)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved
Oracle is a registered trademark of oracle Corporation and/or its
10. affiliates, other names may be trademarks of their respective
Type help:' '\h' for help. Type '\c to clear the current input statement
mysql>
登录成功!!!
MySQL5.6.26密码破解
系统环境:rhat6.5
MySQL版本:源码包: 5.6.26 source
rpm5,6,34版本已经测试过!
系统状态:已经安装完MySQL5.6.26,但是忘记密码无法进入MySQL数据库。
# mysql -P3306 -h127.0.0.1
Access denied for user root 'a localhost(using password: NO)
操作步骤:
1,以跳过授权表的方式登录MySQL数据库:
# netstat -tnulp | grep 330
# mysqld_safe --skip-slave-start &
[1] 13540
# 160928 19:49: 08 mysqld_safe Logging to ‘/usr/local/mysql/data/slavel.err’.
160928 19: 49: 08 mysqld_safe Starting mysqld daemon with databases from /usr/local/mysql/data
# netstat -tnulp | grep 330
tcp 0 0 :::3306 :::* LISTEN 13768/mysqld
此时可以通过无密码方式进入MySQL数据库
# mysql -P3306 -h127.0.0.1
Warning: Using a password on the command line interf
3. Welcome to the Hy SQL monitor.
ds end with i or \g
Your NysQL connection id is 6
Server version: 5.6.- log Source distribution
Copyright (c) 2eee, 2015, Oracle and/or its affiliates. All rights reserved
Oracle is a registered trademark of Oracle Corporation and/ or its
10. affiliates. other names may be trademarks of their respective
13. Type help: orth for help. Type \c to clear the current input statement
mysql>
刷新权限,重设密码
mysql> flush privileges;
Query OK, a rows affected (0.ee sec)
mysql> grant all on *.* to 'root'@’localhost’ identified by ‘123456’;
Query OK, 0 rows affected (0. ee sec)
11). 如何判断一个MySQL是否关闭完整
(端口、进程、pid文件、sock)
12). 初始化数据库的基本命令
(1). 相对比较旧的版本:
#mydql_install_db --datadir=datadir数据文件路径
(2). 相对比较新的版本:
#mysql --initialize --datadir=datadir数据文件路径 &
初始化完成之后,将datadir下面的文件和目录改成mysql:mysql
然后启动mysql数据库:#mysql_safe --defaults-file=/etc/my.cnf &
13). 登录数据库(使用临时密码)
14). 使用alter user修改密码
15). 重新登录测试密码
16). 如果密码找不到或者密码不对,5.6和5.6破解密码的方式不太一样,但是都可以破解