Need to query Google for vulnerable SQL servers and extract MD5 hashes? The sqlscan.py Python script is your tool then. If you are using BackTrack release 5, you will first need to install Python 2.4.4 and then fix sqlscan.py by following the instructions here and here. Once you have sqlscan.py functioning without errors, proceed to the example below.
Recently I have been doing a lot of testing on a couple of my web sites that run WordPress and realized that securing your site takes a bit of effort. There are some plugins that do a great job at certain things; however, I wasn’t able to find any that did a great job of securing everything that I would prefer be secured. Below I describe a multi-pronged approach to securing your WordPress site from hacking attempts using multiple WordPress plugins as well as performing a couple of manual steps that ensure the WordPress details exposed to the world are minimal.
Well, I run a CTF game with psymera, and we are constantly adding new VMware machines and new tests just to keep on playing and not get bored. As part of an internal training where I work, I started to create some videos on how to use SQLMap (I promise to upload them here shortly in a big rant about it), so I started with what everyone does: update your version.
And something interesting happened: sqlmap enumeration broke (gorgeous), but it didn’t look much like it. It baffled me at first, so much that I had to do it all by hand and asked psymera if he had changed something; he said no.
So this is the info of the updated sqlmap version to that date:
```
root@fsckOSX:/pentest/database/sqlmap# svn info
Path: .
URL: https://svn.sqlmap.org/sqlmap/trunk/sqlmap
Repository Root: https://svn.sqlmap.org/sqlmap
Repository UUID: 7eb2e9d7-d917-0410-b3c8-b11144ad09fb
Revision: 4380
Node Kind: directory
Schedule: normal
Last Changed Author: stamparm
Last Changed Rev: 4380
Last Changed Date: 2011-09-19 12:08:08 -0700 (Mon, 19 Sep 2011)
```
The SVN rev is 4380, the latest as of Sep 19th; here is the example of a run against the vulnerable web server with this revision.
The directions below provide simple instructions for changing the table prefix of your WordPress blog’s MySQL database from wp_ to whatever you choose. It’s a good idea to change this prefix to prevent zero-day SQL injection attacks from being performed against your WordPress installation, since your database table names will be known to everyone if you use the default prefix. Follow the directions below to make the change, which should cause only minimal downtime if the steps are followed properly.
- MySQL Database Backup: Use the CLI or back up your database from phpMyAdmin. If using phpMyAdmin, use the export feature to export a SQL version of your database and download it to the PC you are working on. Your backup should be something similar to mydb_DATE.sql.