isc.sans.edu 3/18/2026, 2:40:10 PM · via preferred

Scans for "adminer", (Wed, Mar 18th)

Attackers have been scanning for Adminer, a popular alternative to phpMyAdmin that began appearing about a decade after phpMyAdmin. The article notes that Adminer is a single PHP file that requires no configuration: it relies on the user to supply the SQL username and password for database connections and has no built-in access controls.

Although Adminer offers security plugins and OTP protection, the credential-based approach means brute-forcing remains a risk, since there is no easy way to implement two-factor authentication. Adminer limits login attempts to 30 in 30 minutes, but the main weakness is users employing weak passwords and relying on SQL authentication. The recent scans are described as quite aggressive, with attackers targeting different Adminer file versions, as opposed to obfuscated phpMyAdmin URLs such as “/pma/”.

The piece, attributed to Johannes B. Ullrich, Ph.D., Dean of Research, SANS[.]edu, ends by urging readers to read Adminer’s security advice and not to expose Adminer to the internet.
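
One way to check your own web server logs for the scanning described above, as an added example that is not code from the article or from Adminer: it flags clients that request several Adminer-style filenames and lists any such request the server actually answered. The filename pattern, the function name `find_adminer_probes` and the sample log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample access log (combined format); IPs are documentation ranges,
# filenames and version numbers are illustrative, not taken from the article.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Mar/2026:10:01:02 +0000] "GET /adminer.php HTTP/1.1" 404 153 "-" "-"
203.0.113.7 - - [18/Mar/2026:10:01:02 +0000] "GET /adminer-4.8.1.php HTTP/1.1" 404 153 "-" "-"
203.0.113.7 - - [18/Mar/2026:10:01:03 +0000] "GET /adminer-4.7.9-mysql.php HTTP/1.1" 404 153 "-" "-"
203.0.113.7 - - [18/Mar/2026:10:01:03 +0000] "GET /tools/Adminer-4.8.1-en.php?server=db HTTP/1.1" 200 4821 "-" "-"
198.51.100.20 - - [18/Mar/2026:10:05:00 +0000] "GET /index.php HTTP/1.1" 200 1024 "-" "-"
198.51.100.20 - - [18/Mar/2026:10:05:09 +0000] "GET /administrator/ HTTP/1.1" 404 153 "-" "-"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3}) ')
# Assumed naming: adminer.php or adminer-<version>[-variant].php as the last path segment.
ADMINER_RE = re.compile(r'/(adminer(?:-[\w.]+)*\.php)$', re.IGNORECASE)


def find_adminer_probes(log_text, min_variants=2):
    """Group Adminer-style requests by client IP.

    Returns {ip: {"variants": [...], "scanner": bool, "served": [...]}} where
    "scanner" means the client tried at least min_variants distinct filenames
    and "served" lists paths answered with a status below 400, i.e. a file
    that appears to be reachable and should be reviewed.
    """
    seen = defaultdict(lambda: {"variants": set(), "served": []})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        ip, target, status = m.group(1), m.group(2), int(m.group(3))
        path = target.split("?", 1)[0]  # ignore the query string
        hit = ADMINER_RE.search(path)
        if not hit:
            continue
        seen[ip]["variants"].add(hit.group(1).lower())
        if status < 400:
            seen[ip]["served"].append(path)
    return {
        ip: {"variants": sorted(e["variants"]),
             "scanner": len(e["variants"]) >= min_variants,
             "served": e["served"]}
        for ip, e in seen.items()
    }
```

Any entry in `served` points at a file worth removing from the web root or putting behind access controls.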

Article by CyberSIXT