ZEEPROGRAMMER Telegram 2458
tgoop.com » United States » Tech Program » Telegram web » Post 2458
Tech Program
What Information Is Valuable to an Attacker?

To a skilled hacker, almost any data can be important when it comes to preparing an attack. When we think of SQL from this perspective, a lot of times our minds go right to SQL injection, but gathering information about the database itself can sometimes be just as important.



Things to look for when enumerating a database include the version, as sometimes a successful attack can be as easy as finding an exploit for an outdated version. Other things to look for are valid credentials, which can not only be used for the database, but often can be used for other applications or systems (password reuse is a real thing, and a real problem for organizations). Lastly, information about the structure of the database can be extremely useful for performing SQL injection since knowing what's there is often half the battle.
Today, we will be using Metasploit to enumerate some of this information on a MySQL database. We'll be attacking Metasploitable 2 via our Kali Linux box.
www.tgoop.com/zeeprogrammer/2458
2.7K views...., edited  



tgoop.com/zeeprogrammer/2458
Create:
Last Update:

What Information Is Valuable to an Attacker?

To a skilled hacker, almost any data can be important when it comes to preparing an attack. When we think of SQL from this perspective, a lot of times our minds go right to SQL injection, but gathering information about the database itself can sometimes be just as important.



Things to look for when enumerating a database include the version, as sometimes a successful attack can be as easy as finding an exploit for an outdated version. Other things to look for are valid credentials, which can not only be used for the database, but often can be used for other applications or systems (password reuse is a real thing, and a real problem for organizations). Lastly, information about the structure of the database can be extremely useful for performing SQL injection since knowing what's there is often half the battle.
Today, we will be using Metasploit to enumerate some of this information on a MySQL database. We'll be attacking Metasploitable 2 via our Kali Linux box.

BY Tech Program


Share with your friend now:
tgoop.com/zeeprogrammer/2458

View MORE
Open in Telegram


Telegram News

Date: |

How to Create a Private or Public Channel on Telegram? Telegram channels enable users to broadcast messages to multiple users simultaneously. Like on social media, users need to subscribe to your channel to get access to your content published by one or more administrators. To delete a channel with over 1,000 subscribers, you need to contact user support The court said the defendant had also incited people to commit public nuisance, with messages calling on them to take part in rallies and demonstrations including at Hong Kong International Airport, to block roads and to paralyse the public transportation system. Various forms of protest promoted on the messaging platform included general strikes, lunchtime protests and silent sit-ins. On June 7, Perekopsky met with Brazilian President Jair Bolsonaro, an avid user of the platform. According to the firm's VP, the main subject of the meeting was "freedom of expression."
from us


What Information Is Valuable to an Attacker?

 Tech Program TG
web: 2458
Tech Program.Telegram web
Tech Program Telegram TG Channel
Telegram Updated:
Telegram Tech Program
FROM American