sQuo Posted September 20, 2012 Share Posted September 20, 2012 SQLReInjector A tool for automated identification of exfiltrated data SQLReInjector.py is designed as a tool to be used in responses to SQL injection attacks. At a high level, the tool is designed to operate against two components: (1) a virtual machine built off of a forensic image of a compromised server; and (2) the web server logs extracted from that forensic image. Basic Usage: Output is stored in a sqlite database that you can then analyze. After virtualizing the forensic image and extracting the web server logs, SQLReInjector.py can be run with the following command line options: -i --inLog : The web server log containing the SQL injection requests. -d --dbFile : A sqlite database file the script will use to store its OUTPUT. -w --website : The URL to the virtualized forensic image. -l --logFormat : The LogFormat string from the web server's configuration file. Advanced Usage: SQLReInjector can take the following command line arguments: -j --havijParser Pass to have SQLReInjector reconstruct the database table as exfiltrated by Havij. -c --compareToGood : Pass to have SQL ReInjector compare the results of SQL injection requests against a known good. -k --knownGood : The local HTML copy of a known good version of the attacked site to use for diffs. -e --cookie : If the webapp requires a session cookie, you can pass one to SQL ReInjector. The -c and -k flags have to be passed together. The -k flag should point to a local HTML copy of the website that hasn't been affected by an attack. This is the hidden content, please Sign In or Sign Up This is the hidden content, please Sign In or Sign Up Link to comment Share on other sites More sharing options...
skyblu Posted September 24, 2012 Share Posted September 24, 2012 (edited) Re: SQLReInjector Muy buena aplicación hermano Edited October 8, 2012 by skyblu Link to comment Share on other sites More sharing options...
kestrel Posted September 27, 2012 Share Posted September 27, 2012 Re: SQLReInjector thanks hum Link to comment Share on other sites More sharing options...
d3koder Posted September 27, 2012 Share Posted September 27, 2012 Re: SQLReInjector buena maquina amigo! Link to comment Share on other sites More sharing options...
Recommended Posts