Results 1 to 9 of 9

Thread: Retrieving an sql database

  1. #1
    Junior Member
    Join Date
    Dec 2002
    Posts
    25

    Retrieving an sql database

    I havnt posted in a long long long time here, but ive hit a bit of a wall in my learning.

    Sql data bases seem rather interesting, storing a lot of personal information on users and such. So I started thinking, how do people steal the databases? I asked a few freinds and the most I got out of them was something along the lines of:

    "Oh it's easy you just send the right packet to the server and it will respond by sending you the database"

    Naturally this is not enough information.

    Is this guy talking absolute crud? If not what kind of packets are we talking about and how would one go about stopping this kind of attack?

    I don't think this is in the league of sql injection, but perhaps it is needed here also?

    Remember I am trying to retrieve the database, not inject into it.

    Any help is greatly appreciated

  2. #2
    Purveyor of Lather Syini666's Avatar
    Join Date
    Aug 2001
    Posts
    553
    Well if you can inject to the databse theres a chance you could also run custom queries and other commands. In that case it would be as simple as running a dump command to output the entire database. Also it would probably be possible to at least read the permissions tables for MySQL itself then connect to the server (provided its improperly configured) and dump the databases that way also.
    You're not your post count, You're not your avatar or sig, You're not how fast your internet connection is, You are not your processor, hard drive, or graphics card. You're the all-singing, all-dancing crap of AO
    09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

  3. #3
    Senior Member
    Join Date
    Jul 2004
    Posts
    469
    Most recently people have been getting this data, by companies losing backup tapes that have the information on them.

  4. #4
    Junior Member
    Join Date
    Dec 2002
    Posts
    25
    "it would be as simple as running a dump command to output the entire database"

    Got any other info on this? maybe a possible example?

  5. #5
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  6. #6
    Junior Member
    Join Date
    Dec 2002
    Posts
    25
    Im assuming if sql injection was required it would be more complicated then say:

    'mysqldump [options] --all-databases

    and then all the info will be displayed for me in a neat little package. Remember I do not have physical access to the datbase to make a nice neat backup.

    I'm fairly new to the entire sql field, I read a nice article introducing it though (on these forums ) so that has helped a lot.

  7. #7
    Senior Member kr5kernel's Avatar
    Join Date
    Mar 2004
    Posts
    347
    If you want to see how sql injections work, check out hackthissite.org,

    they have "realistic missions" that allow you to exploit sql injections, its onething to see how it works, and another thing to see data coming spitting out. Give it a shot.
    kr5kernel
    (kr5kernel at hotmail dot com)
    Linux: Making Penguins Cool Since 1994.

  8. #8
    Junior Member
    Join Date
    Dec 2002
    Posts
    25
    google came up with the goods as usual and gave me a rather comprehensive guide to sql injection.

    For future reference : http://www.securiteam.com/securityre...DP0N1P76E.html

    hackthissite.org man havnt been there for some time, will have to take another look.

    Thanks for your help.

  9. #9
    Senior Member Maestr0's Avatar
    Join Date
    May 2003
    Posts
    604
    If you have found an avenue to perform injection, then there is a high probability that the data will be easy to secure. (All depends on the access the SQL user has that the queries are performed with, you need FILE to do this next trick)
    Just as a basic example, if you know the table name and fields you want (which you can find with the injection vector) then its as easy as injecting something like:

    SELECT * INTO OUTFILE '/www/html/publicdirectory/stolendata.txt' FROM CreditCards;

    now use a browser and download it.

    -Maestr0
    \"If computers are to become smart enough to design their own successors, initiating a process that will lead to God-like omniscience after a number of ever swifter passages from one generation of computers to the next, someone is going to have to write the software that gets the process going, and humans have given absolutely no evidence of being able to write such software.\" -Jaron Lanier

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •