Thursday, August 11, 2016

web server - DB Detection: MySQL >=5 (Auto Detected) Method: GET Type: Integer (Auto Detected)



Could someone please tell me which penetration-testing tool leaves behind a page that looks like this?



DB Detection:   MySQL >=5 (Auto Detected)
Method: GET

Type:   Integer (Auto Detected)

db_name
Table Name  Columns
table_1
table_2
table_3
table_4
table_5
table_6

table_7


A site one of my clients operates was recently threatened, and as proof, the hacker sent over a report that looked like the above. It looks like this was generated by an automated tool.



Could someone point the tool out, so that I can patch the vulnerability that is being exploited?


Answer



That is almost certainly output from sqlmap: http://sqlmap.org/


-

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...