EvilZone
Hacking and Security => Hacking and Security => : _SpyMachine October 01, 2012, 04:02:29 AM
-
Hey guys,
So I've been working on this penetration test, and I'm pretty new at this. I currently have root access to the web server and am looking for the database where all the user's info would be stored. However, after searching for awhile, I can't seem to find any such database. I'm pretty sure that the database might be somewhere else on the internal network, but I'm not sure entirely how to find it.
If I run an netstat -nap I can see some connections to what appear to be local ips but I'm not sure. Anyone done this before and have an idea where to look?
Thanks!
-
Not giving specific commands, just theories here...
But i would imagine instead of doing a netcat you should try and find the other machines on the network by name, look under network connections or something? Your goal is to find their name because humans are predictable, and as such they are very likely to name their DB machine "Database" or "Storage" or "DBServer" so on so forth.
Though if you mean database for their user info on the website...that'll be stored somewhere on the web machine itself. For instance, all web login ID's and Pwds will be stored in a DB on their web server. So poke around that machine a bit more if that's what your after
-
just thinking out loud ^^
its a web server...ok
what kind?
what kind of databas is it?
what kind of files on that machine has access to the database?
programs? scripts?
i mean insted of searching for a database u might find more luck searching for a connection
php script with mysql->mysql config file maby has the info..
a program has a connection-->config of program OR close program, and monitor connections when you open program again...
would you like to give a little more info?
i might be totaly lost with my thinking ^^
-
hmm, okay. I didn't realize that login information would definitely be on the web server. I'll take a closer look. I saw a NoSQL db, but i don't think it was running. Hmm maybe I need to take another look at that. Thanks guys. I'll post here again if I have an update.