MySQL用户和权限及破解root口令的方法示例
吾爱主题
阅读:170
2024-04-05 14:20:23
评论:0
MySQL用户和权限
在MySQL中有一个系统自身就带有的数据库叫MySQL,数据库装好以后系统自带了好几个数据库MySQL就是其中过一个,MySQL数据库有个用户账户权限相关的表叫user表,在其中就有创建的用户。
MySQL中完整的用户名是由用户+主机名形成,主机名决定了这个用户在哪个主机上能登陆。
一、用户的创建和密码修改
1.用户的创建
?| 1 | create user 'USERNAME' @ 'HOST' identified by 'PASSWORD' ; |
USERNAME:用户名
HOST:主机地址
PASSWORD:密码
示例:
?| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 | MariaDB [(none)]> create user masuri@192.168.73.133 identified by 'centos' ; Query OK, 0 rows affected (0.01 sec) MariaDB [(none)]> select user ,host, password from mysql. user ; + --------+-----------------------+-------------------------------------------+ | user | host | password | + --------+-----------------------+-------------------------------------------+ | root | localhost | | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | | masuri | 192.168.73.133 | *128977E278358FF80A246B5046F51043A2B1FCED | + --------+-----------------------+-------------------------------------------+ 7 rows in set (0.00 sec) |
MySQL中有匿名账户,可以通过跑安全加固脚本mysql_secure_installation来进行删除,也可以手动将其删除。
删除用户:
?| 1 | DROP USER 'USERNAME' @ 'HOST' ; |
示例:
?| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 | MariaDB [(none)]> select user ,host, password from mysql. user ; + --------+-----------------------+-------------------------------------------+ | user | host | password | + --------+-----------------------+-------------------------------------------+ | root | localhost | | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | | localhost | | | | localhost.localdomain | | | masuri | 192.168.73.133 | *128977E278358FF80A246B5046F51043A2B1FCED | + --------+-----------------------+-------------------------------------------+ 7 rows in set (0.00 sec) MariaDB [(none)]> DROP USER '' @ 'localhost' ; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> DROP USER '' @ 'localhost.localdomain' ; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> select user ,host, password from mysql. user ; + --------+-----------------------+-------------------------------------------+ | user | host | password | + --------+-----------------------+-------------------------------------------+ | root | localhost | | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | masuri | 192.168.73.133 | *128977E278358FF80A246B5046F51043A2B1FCED | + --------+-----------------------+-------------------------------------------+ 5 rows in set (0.00 sec) |
2.密码的修改
mysql密码的修改
?| 1 2 | SET PASSWORD FOR user = PASSWORD ( 'cleartext password' ) UPDATE table SET password = password ( 'cleartext password' ) |
示例:
对masuri用户做密码的修改
?| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 | MariaDB [(none)]> SET PASSWORD FOR masuri@192.168.73.133 = PASSWORD ( 'magedu' ); Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> select user ,host, password from mysql. user ; + --------+-----------------------+-------------------------------------------+ | user | host | password | + --------+-----------------------+-------------------------------------------+ | root | localhost | | | root | localhost.localdomain | | | root | 127.0.0.1 | | | root | ::1 | | | masuri | 192.168.73.133 | *6B8CCC83799A26CD19D7AD9AEEADBCD30D8A8664 | + --------+-----------------------+-------------------------------------------+ #此时密码已经发生改变 |
root账号口令为空,为root口令设置口令,由于一条一条的设置太过麻烦也可以使用修改表的操作来修改密码
?| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 | MariaDB [(none)]> update mysql. user set password = password ( 'centos' ) where user = 'root' ; Query OK, 4 rows affected (0.01 sec) Rows matched: 4 Changed: 4 Warnings: 0 MariaDB [(none)]> select user ,host, password from mysql. user ; + --------+-----------------------+-------------------------------------------+ | user | host | password | + --------+-----------------------+-------------------------------------------+ | root | localhost | *128977E278358FF80A246B5046F51043A2B1FCED | | root | localhost.localdomain | *128977E278358FF80A246B5046F51043A2B1FCED | | root | 127.0.0.1 | *128977E278358FF80A246B5046F51043A2B1FCED | | root | ::1 | *128977E278358FF80A246B5046F51043A2B1FCED | | masuri | 192.168.73.133 | *6B8CCC83799A26CD19D7AD9AEEADBCD30D8A8664 | + --------+-----------------------+-------------------------------------------+ 5 rows in set (0.00 sec) |
此时密码已经修改但依旧无法登陆,需要将权限刷新
?| 1 2 | MariaDB [(none)]> FLUSH PRIVILEGES ; Query OK, 0 rows affected (0.00 sec) |
二、MySQL权限管理
权限管理涉及到多种权限的类别,比如说有管理类、程序类、数据库级别、表级别和字段级别
管理类:能否创建用户,能否显示数据库列表,能否重新加载配置文件,能否关闭数据库,和复制相关的能否执行,能否管理进程,能否创建临时表,能否创建数据库中的文件。
程序类主要涉及3个程序,函数,存储过程和触发器,例如能否创建,修改,删除和执行这些程序库,表和字段级别的权限:比如能否在库,表字段里进行增、删、查、改等操作
1.授权GRANT
授权用户时如果用户不存在可以将其创建出来,在授权前首先要确认自己是管理员有授权的权限。
?| 1 2 3 4 5 6 7 | GRANT priv_type [(column_list)] [, priv_type [(column_list)]] ... ON [object_type] priv_level TO user_specification [, user_specification] ... [REQUIRE {NONE | ssl_option [[ AND ] ssl_option] ...}] [ WITH with_option ...] |
示例:
创建一个wordpress的用户,并授权。
?| 1 2 3 4 5 | MariaDB [(none)]> CREATE DATABASE wordpress; Query OK, 1 row affected (0.02 sec) MariaDB [(none)]> GRANT ALL ON wordpress.* TO wpuser@ '192.168.73.%' identified by 'mylinuxops' ; Query OK, 0 rows affected (0.00 sec) |
2.查看用户的权限
?| 1 2 3 4 5 6 7 8 | MariaDB [(none)]> show grants for wpuser@ '192.168.73.%' ; + ------------------------------------------------------------------------------------------------------------------+ | Grants for wpuser@192.168.73.% | + ------------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'wpuser' @ '192.168.73.%' IDENTIFIED BY PASSWORD '*EC0DBFB480593BB6ED2EC028A4231A72D8137406' | | GRANT ALL PRIVILEGES ON `wordpress`.* TO 'wpuser' @ '192.168.73.%' | + ------------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec) |
3.授权的其他选项
?| 1 2 3 4 | MAX_QUESRIES_PER_HOUR count #每小时最多查多少次 MAX_UPDATES_PER_HOUR count #每小时最多改多少次 MAX_CONNECTIONS_PER_HOUR count #每小时最多连多少次 MAX_USER_CONNECTIONS count #用户的最大数连接数 |
取消权限
?| 1 2 3 4 5 | REVOKE priv_type [(column_list)] [, priv_type [(column_list)]] ... ON [object_type] priv_level FROM user [, user ] ... |
示例:
?| 1 2 3 4 5 6 7 8 9 10 11 12 | MariaDB [(none)]> revoke delete on wordpress.* from wpuser@ '192.168.73.%' ; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> show grants for wpuser@ '192.168.73.%' ; + ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Grants for wpuser@192.168.73.% | + ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | GRANT USAGE ON *.* TO 'wpuser' @ '192.168.73.%' IDENTIFIED BY PASSWORD '*EC0DBFB480593BB6ED2EC028A4231A72D8137406' | | GRANT SELECT , INSERT , UPDATE , CREATE , DROP , REFERENCES , INDEX , ALTER , CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE , CREATE VIEW , SHOW VIEW , CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER ON `wordpress`.* TO 'wpuser' @ '192.168.73.%' | + ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ 2 rows in set (0.00 sec) # 此时wpuser@ '192.168.73.%' 已经没有了 delete 权限 |
MySQL的root口令破解
工作中有时候可能会遇到root口令丢失的情况,此时可以通过以下方法进行找回root口令
以下为示范如何破解root口令
一、密码未知无法登陆MySQL
?| 1 2 | [root@localhost ~]# mysql ERROR 1045 (28000): Access denied for user 'root' @ 'localhost' (using password : NO ) |
二、破解
1.修改配置文件/etc/my.cnf,添加两行参数
skip_grant_tables:跳过授权表信息,此项生效后再次使用MySQL就无需使用密码了,但是远程的其他用户也可以不使用密码登陆,有一定的风险性
skip_networking:关闭网路功能,由于光启用skip_grant_tables选项,其他用户也可以无需密码登陆MySQL非常危险,所以需要关闭网路功能只允许本地的用户进行操作。
?| 1 2 3 4 5 6 7 | [root@localhost ~]# vim /etc/my.cnf [mysqld] skip_networking= on #不启用网络功能 skip_grant_tables= on #跳过授权表 [root@localhost ~]# service mysqld restart #对位置文件修改后需要重新启动服务 Restarting mysqld (via systemctl): [ OK ] |
2.登陆MySQL,进行密码修改
?| 1 2 3 4 5 6 7 8 9 10 11 12 | [root@localhost ~]# mysql #此时已经无需输入密码就能登陆 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 11 Server version: 10.2.23-MariaDB-log Source distribution Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> UPDATE mysql. user SET password = PASSWORD ( '123456' ) where user = 'root' ; #对root的口令进行修改 Query OK, 4 rows affected (0.01 sec) Rows matched: 4 Changed: 4 Warnings: 0 |
3.口令修改完毕后,需要将配置文件恢复
将刚才启用的两个选项进行注销或者删除,然后重启服务
?| 1 2 3 4 5 6 7 | [root@localhost ~]# vim /etc/my.cnf [mysqld] #skip_networking= on #skip_grant_tables= on [root@localhost ~]# service mysqld restart Restarting mysqld (via systemctl): [ OK ] |
4.使用新口令登陆MySQL
?| 1 2 3 4 5 6 7 8 9 10 | [root@localhost ~]# mysql -uroot -p123456 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 10 Server version: 10.2.23-MariaDB-log Source distribution Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> |
以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持服务器之家。
原文链接:https://blog.51cto.com/11886307/2388443
声明
1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,请转载时务必注明文章作者和来源,不尊重原创的行为我们将追究责任;3.作者投稿可能会经我们编辑修改或补充。
