Information Security

sqlscan – Backtrack 5 – Information Gathering – Web Application Analysis – Web Crawlers – sqlscan

Need to query Google for vulnerable SQL servers and extract MD5 hashes? The sqlscan.py Python script is your tool then. If you are using Backtrack release 5 you will first need to install Python 2.4.4 and then fix sqlscan.py by following the instructions here and here. Once you have sqlscan.py functioning without errors, proceed to the example below.

Information Security

SQLMap won’t enumerate databases

Well, I run a CTF game with psymera, and we are constantly adding new VMWare machines and new tests just to keep on playing and not get bored. As part of an internal training where I work I started to create some videos on how to use SQLMap (I promise to upload them here shortly in a big rant about it), so I started with what everyone does: update your version.

And something interesting happened: sqlmap enumeration broke (gorgeous), but it didn't look much like it. It baffled me at first, so much so that I had to do everything by hand and asked psymera if he had changed something; he said no.

So this is the info of the updated sqlmap version as of that date:

```bash
root@fsckOSX:/pentest/database/sqlmap# svn info
Path: .
URL: https://svn.sqlmap.org/sqlmap/trunk/sqlmap
Repository Root: https://svn.sqlmap.org/sqlmap
Repository UUID: 7eb2e9d7-d917-0410-b3c8-b11144ad09fb
Revision: 4380
Node Kind: directory
Schedule: normal
Last Changed Author: stamparm
Last Changed Rev: 4380
Last Changed Date: 2011-09-19 12:08:08 -0700 (Mon, 19 Sep 2011)
```

The SVN revision is 4380, the latest as of Sep 19th; here is an example of a run against the vulnerable web server with this revision.

Technology Insights

Change the Table Prefix of WordPress Blog MySQL Database from wp_

The directions below provide simple instructions for changing the table prefix of your WordPress blog's MySQL database from wp_ to whatever you choose. It's a good idea to change this prefix to prevent zero-day SQL injection attacks from being performed against your WordPress installation, since your database table names will be known to everyone if you use the default prefix. Follow the directions below to make the change; it should cause only minimal downtime if the steps are followed properly.

  1. MySQL Database Backup: Use the CLI or back up your database from phpMyAdmin. If using phpMyAdmin, use the export feature to export a SQL version of your database and download it to the PC you are working on. Your backup should be named something similar to mydb_DATE.sql.