[WEB SECURITY] Database tools required
s.parmendra at gmail.com
Wed May 12 02:43:05 EDT 2010
Let me be more specific...
What I got is a file containing the database credentials, which provides the
database connection string, which can be included in all the ASP files that
require a database connection.
Now I wanted to know if there is any tool which I can use to connect to the
database using these credentials.
Shlomi Narkolayev -- Exactly, I do not have direct access to the database,
and so I need to extract the data through the application.
Thanks for the replies.
On Wed, May 12, 2010 at 10:00 AM, Shlomi Narkolayev <shlominar at gmail.com> wrote:
> If it's a somewhat serious website/organization, I'm pretty sure you
> will not get direct access to the DB; in most organizations the DMZ
> firewall allows access only to the application/web server on port 80/443 and
> not to the DB server.
> As I understand it, you got the databases' credentials using a penetration test on
> the application, so I suggest you use SQL injection to extract the databases'
> entries in the same way as you found out the credentials.
> If you only have blind SQL injection, you can use some automated tools
> that will help you extract the DB's entries, such as Sqlmap, Absinthe,
> Pangolin, BSQL Hacker and many others.
> First try to find out the database version: Select @@version;
> If it's MySQL, find out the table names using:
> Select table_schema, table_name From information_schema.Tables;
> If it's MS-SQL: SELECT name FROM master..sysobjects WHERE xtype = 'U';
> Then just run: Select * from %Tables_Names%;
> If this website is hosted on GoDaddy or something similar, you
> just need to get the DB server's IP; the best way is to get it from the
> connection string. You can also try to find the IP using SQL injection on
> the application.
> Kind Regards,
> Narkolayev Shlomi.
> Visit my blog: http://narkolayev-shlomi.blogspot.com/
> On Tue, May 11, 2010 at 10:38 PM, Will Vandevanter <
> Will_Vandevanter at rapid7.com> wrote:
>> Check out the following auxiliaries in Metasploit:
>> *From:* Jorge Correa [jacorream at gmail.com]
>> *Sent:* Tuesday, May 11, 2010 3:15 PM
>> *To:* Will Vandevanter
>> *Cc:* p0wnsauc3 at gmail.com; Parmendra Sharma; websecurity at webappsec.org
>> *Subject:* Re: [WEB SECURITY] Database tools required
>> Could you recommend us some of these Metasploit tools?
>> Thank you,
>> Jorge Correa
>> On Tue, May 11, 2010 at 13:36, Will Vandevanter <
>> Will_Vandevanter at rapid7.com> wrote:
>>> Also, check out Metasploit which has some great modules for connecting to
>>> specific DBs.
>>> From: TAS [p0wnsauc3 at gmail.com]
>>> Sent: Tuesday, May 11, 2010 1:59 PM
>>> To: Parmendra Sharma; websecurity at webappsec.org
>>> Subject: Re: [WEB SECURITY] Database tools required
>>> Though you are not very clear with your question, I assume, since you
>>> have got the DB credentials, you want to connect to the database at the
>>> backend directly. If that is so, every database has its client. Download and
>>> install the client and connect to the backend.
>>> From: Parmendra Sharma <s.parmendra at gmail.com>
>>> Date: Tue, 11 May 2010 11:07:20 +0530
>>> To: <websecurity at webappsec.org>
>>> Subject: [WEB SECURITY] Database tools required
>>> Hi All,
>>> While performing a VA / PT exercise of an application I got the database
>>> credentials. Kindly suggest any tool which connects me to the database
>>> through the application.
>>> Thanks and Regards:
>>> Parmendra Sharma
>>> Computer Security Analyst
Thanks and Regards:
Computer Security Analyst