Database password cracking (take cracking MySQL database as an example) Experiment

1. Common Database types include SQLServer, MySql, IBM DB2, and Oracle.

2. DBPwAudit database password cracking tool

1) function: Performs brute force password cracking on the target database by attaching a dictionary. Currently, the supported databases include SQLServer, MySQL, Oracle, and DB2.

2) install DBPwAudit:

Figure 1. Upload the software package used in the experiment

Note: # crunch password dictionary generation tool

# Driver required by mysql-cennector-java password cracking tool (Note: different database types and different drivers)

# Dbpwaudit database password cracking main program

 

Figure 2. decompress the dbpwaudit package

[Root @ attack ~] # Unzip dbpwaudit_0_8.zip

 

3) Database Password dbpwaudit format

Note: first copy the *. jar driver to the/root/DBPwAudit/jdbc directory.

DBPwAudit-s <server>-d <db>-D <driver>-U <users>-P <passwords> [options]

-S-Server name or address. # specify the database IP address

-P-Port of database server/instance. # specify the database server Port

-D-Database/Instancename to audit. # specify the Database Name

-D-Thealiasof the driver to use (-Lforaliases) # specify the database type (Oracle, MySQL, MSSql, DB2)

-U-File containing usernames to guess. # user dictionary File

-P-File containing passwords to guess. # password dictionary File

-L-List driver aliases. # List the supported database driver aliases

-L

Oracle-oracle. jdbc. driver. OracleDriver

MySQL-com. mysql. jdbc. Driver

MSSql-com. microsoft. sqlserver. jdbc. SQLServerDriver

DB2-com. ibm. db2.jcc. DB2Driver

 

4) method 1. Crack the SQL Server database

#./Dbpwaudit. sh-s IP-d master (Database Name)-D mssql (Database Type)-U username (dictionary)-P password (dictionary)

Method 2: crack the MySql database

#./Dbpwaudit. sh-s IP-d mysql (Database Name)-D MySQL (Database Type)-U username (dictionary)-P password (dictionary)

Note: The driver must be manually imported. Create your own dictionary

 

5) decompress the mysql database driver package

[Root @ attack ~] # Tar-zxvf mysql-connector-java-5.1.24.tar.gz

 

6) manually copy the *. jar driver to the "jdbc" directory.

[Root @ attack ~] # Cp mysql-connector-java-5.1.24/mysql-connector-java-5.1.24-bin.jar DBPwAudit/jdbc/

 

3. Generate a password dictionary file using crunch

 

1) usage of crunch: dictionary generation tool

 

2) tool features:

· Generate dictionary files by means of permutation and combination

· The generation process can be interrupted by the number of rows or file size

· Supports generating dictionary files that combine numbers and symbols

· Supports case-sensitive letters

· Add a status report when multiple files are generated

 

3), tools more information and download: http://sourceforge.net/projects/crunch-wordlist/files/

 

4) Installation of the crunch Tool

 

Figure 1. decompress the crunch compressed package

[Root @ attack ~] # Tar-xvf crunch-3.4.tgz

 

Figure 2. make Compilation

[Root @ attack ~] # Cdcrunch-3.4

[Root @ localhost crunch-3.4] # make

Building binary...

/Usr/bin/gcc-pthread-Wall-pedantic-std = c99 crunch. c-lm-o crunch

 

Figure 3 install

[Root @ localhost crunch-3.4] # make install

 

5) use the crunch format

Directory:/pentest/passwords/crunch/

Usage 1: #./The possibility of the maximum number of digits in the shortest number of passwords-o generate a password dictionary

#./Crunch 5 5 1234567890-o pass1.dic

Usage 2: #./crunch the maximum number of digits in the shortest charset. lst (policy set)-o generate password dictionary

#./Crunch 6 8 charset. lst mixalpha-numeric-all-space-o pass2.dic

1 2 Next Page