MySQL Credentials
Description
General
- Documentation: https://dev.mysql.com/doc/refman/8.0/en/
- Summary: MySQL is an open-source relational database management system now maintained by Oracle Corporation. This detector aims at detecting MySQL credentials in a URI connection string, assignments or in a CLI command.
Revoke the secret
Depending on the leak's criticality, the following commands can be useful in the revocation process: SET PASSWORD, ALTER_USER, or DROP USER.
Details for MySQL CLI Credentials
-
Family: identifiers
-
Category: data_storage
-
Company: Oracle
-
High recall: False
-
Validity check available: True
-
Analyzer available: True
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 3
-
Occurrences found for one million commits: 4.53
-
Prefixed: False
Details for MySQL URI
-
Family: identifiers
-
Category: data_storage
-
Company: Oracle
-
High recall: True
-
Validity check available: True
-
Analyzer available: True
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 5
-
Occurrences found for one million commits: 44.16
-
Prefixed: True
Details for MySQL Assignment
-
Family: identifiers
-
Category: data_storage
-
Company: Oracle
-
High recall: False
-
Validity check available: True
-
Analyzer available: True
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 4
-
Occurrences found for one million commits: 52.29
-
Prefixed: False
Details for MySQL Assignment
-
Family: identifiers
-
Category: data_storage
-
Company: Oracle
-
High recall: False
-
Validity check available: True
-
Analyzer available: True
-
On-premise instances exist: False
-
Only valid secrets raise an alert: False
-
Minimum number of matches: 4
-
Occurrences found for one million commits: 90.36
-
Prefixed: False
Secret Analyzer
Analysis Method
- Provider allows scopes enumeration: False
- Total network call count: 5
- Total call count may vary: False
HTTP Calls
Requests are designed to capture metadata and not to function effectively. No HTTP calls for this analyzer.
Other Calls
Non-HTTP queries or HTTP calls made through a third-party app (e.g., Python package).
SELECT @@GLOBAL.sql_mode
SELECT routine_schema, routine_name FROM information_schema.routines
SELECT table_schema, table_name, IFNULL(DATA_LENGTH,0) FROM information_schema.tables
SHOW DATABASES
SHOW GRANTS