Skip to main content

MariaDB Credentials

Description

General

  • Documentation: https://mariadb.org/documentation/
  • Summary: MariaDB is an open-source relational database developed by the MariaDB Foundation. This detector aims at detecting MariaDB credentials in assignments. Two GitGuardian detectors are associated to MariaDB credentials depending on whether the targeted port number is attached to the hostname or defined separately.
  • IPs allowlist: This can be set on the server side.
  • Scopes: MariaDB supports many Role Based Access Controls. Here are some details on how to set these roles. The scopes of the credentials found vary according to these RBAC settings.

Revoke the secret

Depending on the leak's criticality, the following commands can be useful in the revocation process: SET PASSWORD, ALTER USER, or DROP USER.

Check for suspicious activity

The server can be configured to log any activity on the database.

Details for MariaDB Credentials

  • Family: identifiers

  • Category: data_storage

  • High recall: False

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 0.08

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: true
- type: ContentWhitelistPreValidator
  patterns:
    - maria

Examples

- text: |
    mariadb.url=google.com
    mariadb.port=50003
    mariadb.user=root
    mariadb.password=sup3rstr0ngpass
  host: google.com
  port: '50003'
  username: root
  password: sup3rstr0ngpass

Details for MariaDB Credentials

  • Family: identifiers

  • Category: data_storage

  • High recall: False

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 8.94

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: true
- type: ContentWhitelistPreValidator
  patterns:
    - maria

Examples

- text: |
    db.url=jdbc:mariadb://google.com:50003/dev
    db.user=root
    db.password=sup3rstr0ngpass
  host: google.com
  port: '50003'
  username: root
  password: sup3rstr0ngpass
Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status