Re: [sqlmap-users] cleaning up after yourself
From: Rodrigo Z. S. <rod...@gm...> - 2014-12-07 17:05:10
It creates the "sqlmapfile" TABLE. I was in shock when I saw that this was on
the server because it gives a huge way to discover a vulnerability.

2014-12-07 15:02 GMT-02:00 Rodrigo Zanatta Silva <rod...@gm...>:

> I already saw that when trying to read a file in Microsoft SQL Server it
> creates a "sqlmapfile" and didn't drop it in the end. This is not a smart
> thing to do.
>
> By the way, I already tried to read any file using sqlmap and none
> worked. I see some absolute path in the server but without success until
> now.
>
> Any idea of a single file that I can read just to see that it is
> working? Any common file in Microsoft SQL Server 2008 R2?
>
> 2014-12-05 19:30 GMT-02:00 Robin Wood <ro...@di...nja>:
>
>> Fair enough, all valid points. I'd not looked at the fixed table names
>> till looking at cleanup so hadn't thought about any of it before.
>>
>> Robin
>>
>> On 5 December 2014 at 21:27, Miroslav Stampar <mir...@gm...> wrote:
>>> Well, if you think like that, used auxiliary table names are also static
>>> (sqlmapfile, sqlmapfilehex and sqlmapoutput). But... leaving table names
>>> and proc names for defensive purposes just like that around will only
>>> create panic. Also, non-skiddy will easily detect that there is already a
>>> proc/table name with the same name causing the problem and he will easily
>>> adapt either sqlmap or drop older entities (e.g. via --cleanup).
>>>
>>> Why wouldn't you revoke privileges for creating of tables and/or
>>> procedures for defensive purposes rather than laying around sqlmap...
>>> inside database?
>>>
>>> Bye
>>>
>>> On Fri, Dec 5, 2014 at 10:19 PM, Robin Wood <ro...@di...nja> wrote:
>>>>
>>>> Does this mean as a defence we could create a procedure with the same
>>>> name which would block the creation?
>>>>
>>>> Robin
>>>>
>>>> On 5 December 2014 at 21:14, Miroslav Stampar <mir...@gm...> wrote:
>>>>> Now it is "new_xp_cmdshell" so no more random/dynamic names (easier
>>>>> for cleanup in further runs)
>>>>>
>>>>> Bye
>>>>>
>>>>> On Fri, Dec 5, 2014 at 10:08 PM, Robin Wood <ro...@di...nja> wrote:
>>>>>>
>>>>>> Sorry, somehow sent early, was trying to ask, is the name still
>>>>>> dynamic or is it now just a fixed name?
>>>>>>
>>>>>> Robin
>>>>>>
>>>>>> On 5 December 2014 at 21:07, Robin Wood <ro...@di...nja> wrote:
>>>>>>> OK, I've got a lab I can test it in later tonight.
>>>>>>>
>>>>>>> When you say not random, is it still dynamic va
>>>>>>>
>>>>>>> On 5 December 2014 at 21:03, Miroslav Stampar <mir...@gm...> wrote:
>>>>>>>> Hi.
>>>>>>>>
>>>>>>>> Just made a patch. Not around a testing environment to test it out,
>>>>>>>> but now it should work (new proc name is not randomly generated from
>>>>>>>> now on so it could be properly deleted afterwards).
>>>>>>>>
>>>>>>>> Bye
>>>>>>>>
>>>>>>>> On Fri, Dec 5, 2014 at 11:56 AM, Miroslav Stampar <mir...@gm...> wrote:
>>>>>>>>>
>>>>>>>>> Will check this out in an hour or so. At first glance I can see
>>>>>>>>> that we have to make a patch for MsSQL.
>>>>>>>>>
>>>>>>>>> Bye
>>>>>>>>>
>>>>>>>>> On Thu, Dec 4, 2014 at 4:11 PM, Robin Wood <ro...@di...nja> wrote:
>>>>>>>>>>
>>>>>>>>>> Looking at the commands sent I can see three drop tables for
>>>>>>>>>> sqlmapfile, sqlmapfilehex and sqlmapoutput but nothing for stored
>>>>>>>>>> procedures.
>>>>>>>>>>
>>>>>>>>>> On 4 December 2014 at 15:08, Robin Wood <ro...@di...nja> wrote:
>>>>>>>>>>> Just spotted --cleanup but that didn't remove the procedure,
>>>>>>>>>>> sqlmap command seemed to run OK though but didn't say anything
>>>>>>>>>>> about what it was removing, should it have done?
>>>>>>>>>>>
>>>>>>>>>>> Robin
>>>>>>>>>>>
>>>>>>>>>>> On 4 December 2014 at 15:01, Robin Wood <ro...@di...nja> wrote:
>>>>>>>>>>>> I'm testing sqlmap against an MSSQL DB and looking at running
>>>>>>>>>>>> OS commands. In an attempt to reenable xp_cmdshell a stored
>>>>>>>>>>>> proc called xp_gedp has been created and left behind, is there
>>>>>>>>>>>> any way to automatically clean up this and any other things
>>>>>>>>>>>> that are created?
>>>>>>>>>>>>
>>>>>>>>>>>> Robin
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> sqlmap-users mailing list
>>>>>>>>>> sql...@li...
>>>>>>>>>> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Miroslav Stampar
>>>>>>>>> http://about.me/stamparm
>>>>>>>>
>>>>>>>> --
>>>>>>>> Miroslav Stampar
>>>>>>>> http://about.me/stamparm
>>>>>
>>>>> --
>>>>> Miroslav Stampar
>>>>> http://about.me/stamparm
>>>
>>> --
>>> Miroslav Stampar
>>> http://about.me/stamparm
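For administrators who want to check a SQL Server instance for the leftovers named in this thread, the following T-SQL is an added example; it is not part of the original messages and not sqlmap's own code. The object names come from the thread; the 30-day review window and the principal `webapp_user` are assumptions chosen for illustration.

```sql
-- Added example (T-SQL). Run in each database, including master:
-- sys.objects only describes the current database.

-- 1. Tables and procedures with the fixed names mentioned in the thread.
SELECT DB_NAME()                AS database_name,
       SCHEMA_NAME(o.schema_id) AS schema_name,
       o.name, o.type_desc, o.create_date, o.modify_date
FROM sys.objects AS o
WHERE (o.type = 'U'
       AND o.name IN (N'sqlmapfile', N'sqlmapfilehex', N'sqlmapoutput'))
   OR (o.type IN ('P', 'X', 'PC')
       AND o.name IN (N'new_xp_cmdshell', N'xp_gedp'))
ORDER BY o.create_date;

-- 2. Before the patch discussed above the procedure name was random, so a
--    name match is not enough. List recently created procedures for manual
--    review (the 30-day window is an assumption; adjust to your retention).
SELECT SCHEMA_NAME(o.schema_id) AS schema_name,
       o.name, o.type_desc, o.create_date
FROM sys.objects AS o
WHERE o.type IN ('P', 'X', 'PC')
  AND o.create_date >= DATEADD(DAY, -30, GETDATE())
ORDER BY o.create_date DESC;

-- 3. Current state of xp_cmdshell (value_in_use = 1 means enabled).
SELECT name, value, value_in_use
FROM sys.configurations
WHERE name = N'xp_cmdshell';

-- 4. Principals explicitly granted the rights needed to create such objects.
--    Members of db_owner or db_ddladmin hold them implicitly and are not
--    listed here; review role membership separately.
SELECT pr.name AS principal_name, pr.type_desc,
       pe.permission_name, pe.state_desc
FROM sys.database_permissions AS pe
JOIN sys.database_principals  AS pr
  ON pr.principal_id = pe.grantee_principal_id
WHERE pe.class = 0
  AND pe.permission_name IN (N'CREATE TABLE', N'CREATE PROCEDURE')
  AND pe.state IN ('G', 'W');

-- 5. Revoking those rights from an application account, as suggested in the
--    thread. [webapp_user] is a hypothetical principal name.
-- REVOKE CREATE TABLE, CREATE PROCEDURE FROM [webapp_user];
```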