Results 1 to 10 of 10

Thread: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

  1. #1
    Junior Member pigtail23's Avatar
    Join Date
    Jun 2010
    Location
    black hole
    Posts
    41

    Lightbulb [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    This video shows how easy it is to get root on a webserver.
    We need only few tools. As first i will show you sqlmap+burpsuite and how you can use it. As secound we will create a lillte php backdoor to get a shell. And in the last part we will try to exploit the kernel to get root access on the machine. I hope you enjoy the video and give feed back.

    Blip.tv-Link: http://pigtail23.blip.tv/file/5032728/
    VMware-IMG: http://ds.mathematik.uni-marburg.de/.../vulnimage.zip
    Local-Root Exploit Framework: http://www.grsecurity.net/~spender/enlightenment.tgz

    best regards

    edit:

    -You need Sqlmap0.9-dev or >
    -You can also login with User: blogger , Password:'OR 1=1-- -
    Last edited by pigtail23; 04-26-2011 at 02:20 PM.

  2. #2
    Senior Member LHYX1's Avatar
    Join Date
    Sep 2010
    Location
    Belgium
    Posts
    127

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    Thanx man,
    great post
    just downloaded the vmware image.

    Altough in my case sqlmap doesn't detect the sql injection.
    I followed your exact steps from the video.
    output sqlmap: http://home.base.be/%72%68%69%6E%63%6B%78%74/1.html
    Last edited by LHYX1; 04-18-2011 at 11:48 AM.
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

  3. #3
    Good friend of the forums spawn's Avatar
    Join Date
    Jan 2010
    Posts
    280

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    Great Post
    "If you aim the gun at your foot and pull the trigger, it's
    UNIX's job to ensure reliable delivery of the bullet to
    where you aimed the gun (in this case, Mr. Foot)."

  4. #4
    Member longjidin's Avatar
    Join Date
    Feb 2010
    Location
    Kg Lengkong to Bukit Lada
    Posts
    93

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    nice one ..........!!!

  5. #5
    Junior Member pigtail23's Avatar
    Join Date
    Jun 2010
    Location
    black hole
    Posts
    41

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    Quote Originally Posted by LHYX1 View Post
    Thanx man,
    great post
    just downloaded the vmware image.

    Altough in my case sqlmap doesn't detect the sql injection.
    I followed your exact steps from the video.
    output sqlmap: http://home.base.be/%72%68%69%6E%63%6B%78%74/1.html
    try: ./sqlmap -l /root/sqli.txt --level=1 to 5 or set up the risk from 1 to 3 like --risk=2 or 3

  6. #6
    Senior Member LHYX1's Avatar
    Join Date
    Sep 2010
    Location
    Belgium
    Posts
    127

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    Doesn't work either

    Code:
    root@bt:/pentest/database/sqlmap# ./sqlmap.py -l /root/sqli.txt --level=1
    
        sqlmap/0.9-dev - automatic SQL injection and database takeover tool
        http://sqlmap.sourceforge.net
    
    Usage: ./sqlmap.py [options]
    
    sqlmap.py: error: no such option: --level
    root@bt:/pentest/database/sqlmap# ./sqlmap.py -l /root/sqli.txt --risk=1
    
        sqlmap/0.9-dev - automatic SQL injection and database takeover tool
        http://sqlmap.sourceforge.net
    
    Usage: ./sqlmap.py [options]
    
    sqlmap.py: error: no such option: --risk
    I checked the help. There's indeed no such option.
    And I tried this about 10 times but each time sqlmap can't seem to find anything.
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

  7. #7
    Junior Member pigtail23's Avatar
    Join Date
    Jun 2010
    Location
    black hole
    Posts
    41

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    as first: thanks 4 the hole thanks . as secound:

    Quote Originally Posted by LHYX1 View Post
    Doesn't work either

    Code:
    root@bt:/pentest/database/sqlmap# ./sqlmap.py -l /root/sqli.txt --level=1
    
        sqlmap/0.9-dev - automatic SQL injection and database takeover tool
        http://sqlmap.sourceforge.net
    
    Usage: ./sqlmap.py [options]
    
    sqlmap.py: error: no such option: --level
    root@bt:/pentest/database/sqlmap# ./sqlmap.py -l /root/sqli.txt --risk=1
    
        sqlmap/0.9-dev - automatic SQL injection and database takeover tool
        http://sqlmap.sourceforge.net
    
    Usage: ./sqlmap.py [options]
    
    sqlmap.py: error: no such option: --risk
    I checked the help. There's indeed no such option.
    And I tried this about 10 times but each time sqlmap can't seem to find anything.
    you need to update your sqlmap:

    svn up /pentest/database/sqlmap/

    the version must be 1.0-dev.
    if this don't work try this:

    1) cd /pentest/database/

    2) rm -r sqlmap

    3) svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap

  8. #8
    Senior Member LHYX1's Avatar
    Join Date
    Sep 2010
    Location
    Belgium
    Posts
    127

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    Thanx a lot !!
    Updated sqlmap and works fine now.
    should have kown that I had to update.
    My sqlmap was the standard that comes with Bt R2.
    (\ /)
    ( . .)
    c(")(")

    This is bunny.
    Copy and paste bunny into your signature to help him gain world domination.

  9. #9
    Senior Member voidnecron's Avatar
    Join Date
    May 2010
    Posts
    132

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    Nice one, but try to compress the vid less, it's barely readable at some times.
    "The difference between RAID1 and RAID0 is that the zero stands for how many files you're gonna have after a harddisk failure."

  10. #10
    Just burned his ISO
    Join Date
    Sep 2010
    Posts
    5

    Default Re: [VIDEO] root the box (Sqlmap/Burpsuite/Metasploit)

    Excelent post

Similar Threads

  1. Replies: 17
    Last Post: 04-07-2011, 10:00 PM
  2. [Script] [Video] metasploit-FakeUpdate (v0.1.1)
    By g0tmi1k in forum BackTrack Videos
    Replies: 30
    Last Post: 12-06-2010, 04:53 PM
  3. [Video] Messing with Metasploit
    By g0tmi1k in forum BackTrack Videos
    Replies: 15
    Last Post: 10-10-2010, 05:14 PM
  4. [Video] Messing with Metasploit
    By imported_g0tmi1k in forum OLD BackTrack 4 Howto
    Replies: 1
    Last Post: 03-19-2010, 12:30 PM
  5. Metasploit latest video
    By imported_mzer0 in forum OLD Pentesting
    Replies: 5
    Last Post: 09-14-2009, 09:43 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •