Skip to main content
__wf_reserved_inherit

MariaDB Credentials

Description

General

  • Documentation: https://mariadb.org/documentation/
  • Summary: MariaDB is an open-source relational database developed by the MariaDB Foundation. This detector aims at detecting MariaDB credentials in assignments. Two GitGuardian detectors are associated to MariaDB credentials depending on whether the targeted port number is attached to the hostname or defined separately.
  • IPs allowlist: This can be set on the server side.
  • Scopes: MariaDB supports many Role Based Access Controls. Here are some details on how to set these roles. The scopes of the credentials found vary according to these RBAC settings.

Revoke the secret

Depending on the leak's criticality, the following commands can be useful in the revocation process: SET PASSWORD, ALTER USER, or DROP USER.

Check for suspicious activity

The server can be configured to log any activity on the database.

Details for Mariadb assignment

  • Family: Database

  • Category: Data storage

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 0.08

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: true
- type: ContentWhitelistPreValidator
  patterns:
    - maria

Examples

- text: |
    mariadb.url=google.com
    mariadb.port=50003
    mariadb.user=root
    mariadb.password=sup3rstr0ngpass
  host: google.com
  port: '50003'
  username: root
  password: sup3rstr0ngpass

Details for Mariadb assignment attached port

  • Family: Database

  • Category: Data storage

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 7.82

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: true
- type: ContentWhitelistPreValidator
  patterns:
    - maria

Examples

- text: |
    db.url=jdbc:mariadb://google.com:50003/dev
    db.user=root
    db.password=sup3rstr0ngpass
  host: google.com
  port: '50003'
  username: root
  password: sup3rstr0ngpass
__wf_reserved_inherit__wf_reserved_inherit

Something we didn’t cover?

__wf_reserved_inherit

See our Roadmap

__wf_reserved_inherit

Subscribe on GitHub

__wf_reserved_inherit

Submit a request

__wf_reserved_inherit

API status