Database password cracking (take cracking MySQL database as an example) Experiment

Source: Internet
Author: User

1. Common Database types include SQLServer, MySql, IBM DB2, and Oracle.

2. DBPwAudit database password cracking tool

1) function: Performs brute force password cracking on the target database by attaching a dictionary. Currently, the supported databases include SQLServer, MySQL, Oracle, and DB2.

2) install DBPwAudit:

Figure 1. Upload the software package used in the experiment

Note: # crunch password dictionary generation tool

# Driver required by mysql-cennector-java password cracking tool (Note: different database types and different drivers)

# Dbpwaudit database password cracking main program

 

Figure 2. decompress the dbpwaudit package

[Root @ attack ~] # Unzip dbpwaudit_0_8.zip

 

3) Database Password dbpwaudit format

Note: first copy the *. jar driver to the/root/DBPwAudit/jdbc directory.

DBPwAudit-s <server>-d <db>-D <driver>-U <users>-P <passwords> [options]

-S-Server name or address. # specify the database IP address

-P-Port of database server/instance. # specify the database server Port

-D-Database/Instancename to audit. # specify the Database Name

-D-Thealiasof the driver to use (-Lforaliases) # specify the database type (Oracle, MySQL, MSSql, DB2)

-U-File containing usernames to guess. # user dictionary File

-P-File containing passwords to guess. # password dictionary File

-L-List driver aliases. # List the supported database driver aliases

-L

Oracle-oracle. jdbc. driver. OracleDriver

MySQL-com. mysql. jdbc. Driver

MSSql-com. microsoft. sqlserver. jdbc. SQLServerDriver

DB2-com. ibm. db2.jcc. DB2Driver

 

4) method 1. Crack the SQL Server database

#./Dbpwaudit. sh-s IP-d master (Database Name)-D mssql (Database Type)-U username (dictionary)-P password (dictionary)

Method 2: crack the MySql database

#./Dbpwaudit. sh-s IP-d mysql (Database Name)-D MySQL (Database Type)-U username (dictionary)-P password (dictionary)

Note: The driver must be manually imported. Create your own dictionary

 

5) decompress the mysql database driver package

[Root @ attack ~] # Tar-zxvf mysql-connector-java-5.1.24.tar.gz

 

6) manually copy the *. jar driver to the "jdbc" directory.

[Root @ attack ~] # Cp mysql-connector-java-5.1.24/mysql-connector-java-5.1.24-bin.jar DBPwAudit/jdbc/

 

3. Generate a password dictionary file using crunch

 

1) usage of crunch: dictionary generation tool

 

2) tool features:

· Generate dictionary files by means of permutation and combination

· The generation process can be interrupted by the number of rows or file size

· Supports generating dictionary files that combine numbers and symbols

· Supports case-sensitive letters

· Add a status report when multiple files are generated

 

3), tools more information and download: http://sourceforge.net/projects/crunch-wordlist/files/

 

4) Installation of the crunch Tool

 

Figure 1. decompress the crunch compressed package

[Root @ attack ~] # Tar-xvf crunch-3.4.tgz

 

Figure 2. make Compilation

[Root @ attack ~] # Cdcrunch-3.4

[Root @ localhost crunch-3.4] # make

Building binary...

/Usr/bin/gcc-pthread-Wall-pedantic-std = c99 crunch. c-lm-o crunch

 

Figure 3 install

[Root @ localhost crunch-3.4] # make install

 

5) use the crunch format

Directory:/pentest/passwords/crunch/

Usage 1: #./The possibility of the maximum number of digits in the shortest number of passwords-o generate a password dictionary

#./Crunch 5 5 1234567890-o pass1.dic

Usage 2: #./crunch the maximum number of digits in the shortest charset. lst (policy set)-o generate password dictionary

#./Crunch 6 8 charset. lst mixalpha-numeric-all-space-o pass2.dic

  • 1
  • 2
  • Next Page

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.