欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  IT编程

MySQL用户和权限及破解root口令的方法示例

程序员文章站 2024-02-22 23:36:04
mysql用户和权限 在mysql中有一个系统自身就带有的数据库叫mysql,数据库装好以后系统自带了好几个数据库mysql就是其中过一个,mysql数据库有个用户账...

mysql用户和权限

在mysql中有一个系统自身就带有的数据库叫mysql,数据库装好以后系统自带了好几个数据库mysql就是其中过一个,mysql数据库有个用户账户权限相关的表叫user表,在其中就有创建的用户。

mysql中完整的用户名是由用户+主机名形成,主机名决定了这个用户在哪个主机上能登陆。

一、用户的创建和密码修改

1.用户的创建

create user 'username'@'host' identified by 'password';

username:用户名
host:主机地址
password:密码

示例:

mariadb [(none)]> create user masuri@192.168.73.133 identified by 'centos';
query ok, 0 rows affected (0.01 sec)

mariadb [(none)]> select user,host,password from mysql.user;
+--------+-----------------------+-------------------------------------------+
| user | host     | password         |
+--------+-----------------------+-------------------------------------------+
| root | localhost    |           |
| root | localhost.localdomain |           |
| root | 127.0.0.1    |           |
| root | ::1     |           |
|  | localhost    |           |
|  | localhost.localdomain |           |
| masuri | 192.168.73.133  | *128977e278358ff80a246b5046f51043a2b1fced |
+--------+-----------------------+-------------------------------------------+
7 rows in set (0.00 sec)

mysql中有匿名账户,可以通过跑安全加固脚本mysql_secure_installation来进行删除,也可以手动将其删除。

删除用户:

drop user 'username'@'host';

示例:

mariadb [(none)]> select user,host,password from mysql.user;
+--------+-----------------------+-------------------------------------------+
| user | host     | password         |
+--------+-----------------------+-------------------------------------------+
| root | localhost    |           |
| root | localhost.localdomain |           |
| root | 127.0.0.1    |           |
| root | ::1     |           |
|  | localhost    |           |
|  | localhost.localdomain |           |
| masuri | 192.168.73.133  | *128977e278358ff80a246b5046f51043a2b1fced |
+--------+-----------------------+-------------------------------------------+
7 rows in set (0.00 sec)

mariadb [(none)]> drop user ''@'localhost';
query ok, 0 rows affected (0.00 sec)

mariadb [(none)]> drop user ''@'localhost.localdomain';
query ok, 0 rows affected (0.00 sec)

mariadb [(none)]> select user,host,password from mysql.user;
+--------+-----------------------+-------------------------------------------+
| user | host     | password         |
+--------+-----------------------+-------------------------------------------+
| root | localhost    |           |
| root | localhost.localdomain |           |
| root | 127.0.0.1    |           |
| root | ::1     |           |
| masuri | 192.168.73.133  | *128977e278358ff80a246b5046f51043a2b1fced |
+--------+-----------------------+-------------------------------------------+
5 rows in set (0.00 sec)

2.密码的修改

mysql密码的修改

set password for user = password('cleartext password')
update table set password = password('cleartext password')

示例:

对masuri用户做密码的修改

mariadb [(none)]> set password for masuri@192.168.73.133 = password ('magedu');
query ok, 0 rows affected (0.00 sec)

mariadb [(none)]> select user,host,password from mysql.user;
+--------+-----------------------+-------------------------------------------+
| user | host     | password         |
+--------+-----------------------+-------------------------------------------+
| root | localhost    |           |
| root | localhost.localdomain |           |
| root | 127.0.0.1    |           |
| root | ::1     |           |
| masuri | 192.168.73.133  | *6b8ccc83799a26cd19d7ad9aeeadbcd30d8a8664 |
+--------+-----------------------+-------------------------------------------+
#此时密码已经发生改变

root账号口令为空,为root口令设置口令,由于一条一条的设置太过麻烦也可以使用修改表的操作来修改密码

mariadb [(none)]> update mysql.user set password=password('centos') where user='root';
query ok, 4 rows affected (0.01 sec)
rows matched: 4 changed: 4 warnings: 0

mariadb [(none)]> select user,host,password from mysql.user;
+--------+-----------------------+-------------------------------------------+
| user | host     | password         |
+--------+-----------------------+-------------------------------------------+
| root | localhost    | *128977e278358ff80a246b5046f51043a2b1fced |
| root | localhost.localdomain | *128977e278358ff80a246b5046f51043a2b1fced |
| root | 127.0.0.1    | *128977e278358ff80a246b5046f51043a2b1fced |
| root | ::1     | *128977e278358ff80a246b5046f51043a2b1fced |
| masuri | 192.168.73.133  | *6b8ccc83799a26cd19d7ad9aeeadbcd30d8a8664 |
+--------+-----------------------+-------------------------------------------+
5 rows in set (0.00 sec)

此时密码已经修改但依旧无法登陆,需要将权限刷新

mariadb [(none)]> flush privileges;
query ok, 0 rows affected (0.00 sec)

二、mysql权限管理

权限管理涉及到多种权限的类别,比如说有管理类、程序类、数据库级别、表级别和字段级别

管理类:能否创建用户,能否显示数据库列表,能否重新加载配置文件,能否关闭数据库,和复制相关的能否执行,能否管理进程,能否创建临时表,能否创建数据库中的文件。

程序类主要涉及3个程序,函数,存储过程和触发器,例如能否创建,修改,删除和执行这些程序库,表和字段级别的权限:比如能否在库,表字段里进行增、删、查、改等操作

1.授权grant

授权用户时如果用户不存在可以将其创建出来,在授权前首先要确认自己是管理员有授权的权限。

grant 
 priv_type [(column_list)]
  [, priv_type [(column_list)]] ...
 on [object_type] priv_level
 to user_specification [, user_specification] ...
 [require {none | ssl_option [[and] ssl_option] ...}]
 [with with_option ...]

示例:

创建一个wordpress的用户,并授权。

mariadb [(none)]> create database wordpress;
query ok, 1 row affected (0.02 sec)

mariadb [(none)]> grant all on wordpress.* to wpuser@'192.168.73.%' identified by 'mylinuxops';
query ok, 0 rows affected (0.00 sec)

2.查看用户的权限

mariadb [(none)]> show grants for wpuser@'192.168.73.%';
+------------------------------------------------------------------------------------------------------------------+
| grants for wpuser@192.168.73.%                     |
+------------------------------------------------------------------------------------------------------------------+
| grant usage on *.* to 'wpuser'@'192.168.73.%' identified by password '*ec0dbfb480593bb6ed2ec028a4231a72d8137406' |
| grant all privileges on `wordpress`.* to 'wpuser'@'192.168.73.%'             |
+------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)

3.授权的其他选项

max_quesries_per_hour count #每小时最多查多少次
max_updates_per_hour count #每小时最多改多少次
max_connections_per_hour count #每小时最多连多少次
max_user_connections count #用户的最大数连接数

取消权限

revoke
 priv_type [(column_list)]
  [, priv_type [(column_list)]] ...
 on [object_type] priv_level
 from user [, user] ...

示例:

mariadb [(none)]> revoke delete on wordpress.* from wpuser@'192.168.73.%';
query ok, 0 rows affected (0.00 sec)

mariadb [(none)]> show grants for wpuser@'192.168.73.%';
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| grants for wpuser@192.168.73.%                                                   |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| grant usage on *.* to 'wpuser'@'192.168.73.%' identified by password '*ec0dbfb480593bb6ed2ec028a4231a72d8137406'                              |
| grant select, insert, update, create, drop, references, index, alter, create temporary tables, lock tables, execute, create view, show view, create routine, alter routine, event, trigger on `wordpress`.* to 'wpuser'@'192.168.73.%' |
+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
2 rows in set (0.00 sec)
# 此时wpuser@'192.168.73.%'已经没有了delete权限

mysql的root口令破解

工作中有时候可能会遇到root口令丢失的情况,此时可以通过以下方法进行找回root口令

以下为示范如何破解root口令

一、密码未知无法登陆mysql

[root@localhost ~]# mysql
error 1045 (28000): access denied for user 'root'@'localhost' (using password: no)

二、破解

1.修改配置文件/etc/my.cnf,添加两行参数

skip_grant_tables:跳过授权表信息,此项生效后再次使用mysql就无需使用密码了,但是远程的其他用户也可以不使用密码登陆,有一定的风险性

skip_networking:关闭网路功能,由于光启用skip_grant_tables选项,其他用户也可以无需密码登陆mysql非常危险,所以需要关闭网路功能只允许本地的用户进行操作。

[root@localhost ~]# vim /etc/my.cnf
[mysqld]
skip_networking=on   #不启用网络功能
skip_grant_tables=on   #跳过授权表

[root@localhost ~]# service mysqld restart       #对位置文件修改后需要重新启动服务
restarting mysqld (via systemctl):       [ ok ]

2.登陆mysql,进行密码修改

[root@localhost ~]# mysql           #此时已经无需输入密码就能登陆
welcome to the mariadb monitor. commands end with ; or \g.
your mariadb connection id is 11
server version: 10.2.23-mariadb-log source distribution

copyright (c) 2000, 2018, oracle, mariadb corporation ab and others.

type 'help;' or '\h' for help. type '\c' to clear the current input statement.

mariadb [(none)]> update mysql.user set password=password('123456') where user='root';  #对root的口令进行修改
query ok, 4 rows affected (0.01 sec)
rows matched: 4 changed: 4 warnings: 0

3.口令修改完毕后,需要将配置文件恢复

将刚才启用的两个选项进行注销或者删除,然后重启服务

[root@localhost ~]# vim /etc/my.cnf
[mysqld]
#skip_networking=on   
#skip_grant_tables=on   

[root@localhost ~]# service mysqld restart
restarting mysqld (via systemctl):       [ ok ]

4.使用新口令登陆mysql

[root@localhost ~]# mysql -uroot -p123456 
welcome to the mariadb monitor. commands end with ; or \g.
your mariadb connection id is 10
server version: 10.2.23-mariadb-log source distribution

copyright (c) 2000, 2018, oracle, mariadb corporation ab and others.

type 'help;' or '\h' for help. type '\c' to clear the current input statement.

mariadb [(none)]> 

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。