Posts Tagged ‘database’

sqlmap 0.6 released

Monday, September 1st, 2008

My friend inquis today released one of the best SQL injection tools available to the public: sqlmap.
For those of you who do not know this tool yet, sqlmap is an automatic SQL injection tool developed in Python. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges and databases, dump entire or user-specified DBMS tables/columns, run their own SQL SELECT statement, read specific files on the file system and much more.

After almost a year of extensive programming I am done with a complete code refactoring, many bug fixes and many new features.
Some of the new features include:

  • Added multithreading support to set the maximum number of concurrent HTTP requests.
  • Implemented SQL shell (--sql-shell) functionality and fixed SQL query (--sql-query, previously called -e) to be able to run any SELECT statement and get its output in both inband and blind SQL injection attacks.
  • Added an option (--privileges) to retrieve DBMS users' privileges; it also notifies if the user is a DBMS administrator.
  • Added support (-c) to read options from a configuration file (an example of a valid INI file is sqlmap.conf) and support (--save) to save command line options to a configuration file.
  • Implemented support for HTTPS requests over HTTP(S) proxy.
  • Enhanced logging system: added three more levels of verbosity to also show HTTP traffic sent and received.

Complete list of changes at http://sqlmap.sourceforge.net/doc/ChangeLog.

Database datatype comparison sheet

Sunday, July 6th, 2008

Sometimes when writing automated SQL injection tools or exploits based on SQLi vulnerabilities, you have to fight with the different DBMS implementations of the standard SQL datatypes.
Reading a lot of documentation, I wrote a comparison sheet between the datatypes used by MySQL, SQL Server, Oracle, DB2, SQLite, PostgreSQL, Sybase ASE and Firebird.
You can download Adobe Acrobat [PDF] or OpenOffice [ODS].

Tuning and Optimizing Performance of MySQL

Friday, June 29th, 2007

Many times I have found a LAMP server with a poorly configured MySQL server.
There are a lot of tips, for example enabling and tuning the query cache, that can enhance the performance of MySQL.
Here is a little checklist:

  1. Enable the query cache and other caches
  2. Tune the settings of query cache and other caches
  3. Disable unused logging options
  4. Disable unused DBMS engines
  5. Disable binary logging if unused
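
As an added example (not part of the original post), the following Python sketch checks the `[mysqld]` section of a my.cnf against the five checklist items. The option names are assumptions based on MySQL 5.x-era servers (the query cache no longer exists in MySQL 8.0), and the sample configuration is constructed for illustration.

```python
import configparser

# Constructed sample my.cnf (not from the post); MySQL 5.x-era option names.
SAMPLE = """\
[mysqld]
query_cache_type = 1
query_cache_size = 0
key_buffer_size  = 64M
general_log      = 1
log-bin          = mysql-bin
skip-bdb
"""
CACHE_OPTS = ("query_cache_limit", "key_buffer_size", "thread_cache_size")
LOG_OPTS = ("general_log", "log", "slow_query_log", "log_slow_queries")

def load_mysqld(text):
    """Parse [mysqld]; drop !include lines, treat '-' and '_' alike as MySQL does."""
    body = "\n".join(l for l in text.splitlines() if not l.lstrip().startswith("!"))
    cp = configparser.ConfigParser(allow_no_value=True, strict=False, interpolation=None)
    cp.read_string(body)
    sect = cp.items("mysqld") if cp.has_section("mysqld") else []
    return {k.replace("-", "_"): v for k, v in sect}

def size(v):
    v = (v or "0").strip().lower()  # accepts 32M, 512K, 1G or plain bytes
    mult = {"k": 1024, "m": 1024 ** 2, "g": 1024 ** 3}.get(v[-1])
    return int(v[:-1]) * mult if mult else int(v)

def on(opts, key):
    """Option present and not explicitly switched off (bare flags count as on)."""
    return key in opts and (opts[key] or "1").strip().lower() not in ("0", "off")

def audit(text):
    """Return {checklist item number: note} for items that need attention."""
    o, out = load_mysqld(text), {}
    qc_type = (o.get("query_cache_type") or "1").strip().lower()
    if qc_type in ("0", "off") or size(o.get("query_cache_size")) == 0:
        out[1] = "query cache is off (type off or size 0)"
    missing = [k for k in CACHE_OPTS if k not in o]
    if missing:
        out[2] = "cache settings left at defaults: " + ", ".join(missing)
    logs = [k for k in LOG_OPTS if on(o, k)]
    if logs:
        out[3] = "logging enabled, disable if unused: " + ", ".join(logs)
    if not {"skip_innodb", "skip_bdb"} & o.keys():
        out[4] = "no storage engine disabled; review unused engines"
    if "log_bin" in o:
        out[5] = "binary logging enabled; disable if unused"
    return out
```

Calling `audit(SAMPLE)` flags items 1, 2, 3 and 5; whether a log or engine is really unused is still a decision for the administrator.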

By following the simple how-to below, you can get great performance from your MySQL server.

Links: