Pages: [1]

Author Topic: Pen Test: Finding the db server  (Read 1050 times)

0 Members and 1 Guest are viewing this topic.

Offline _SpyMachine

  • Serf
  • *
  • Posts: 36
  • Cookies: 0
    • View Profile
Pen Test: Finding the db server
« on: October 01, 2012, 04:02:29 am »
Hey guys,


So I've been working on this penetration test, and I'm pretty new at this. I currently have root access to the web server and am looking for the database where all the user's info would be stored. However, after searching for awhile, I can't seem to find any such database. I'm pretty sure that the database might be somewhere else on the internal network, but I'm not sure entirely how to find it.


If I run an
Code: [Select]
netstat -nap I can see some connections to what appear to be local ips but I'm not sure. Anyone done this before and have an idea where to look?


Thanks!
« Last Edit: October 01, 2012, 04:02:55 am by _SpyMachine »
Report to moderator   Logged
"And it's so sad to see the world agree
That they'd rather see their faces fill with flies
All when I'd want to keep white roses in their eyes"

Offline Daemon

  • VIP
  • Baron
  • *
  • Posts: 845
  • Cookies: 153
  • A wise man fears a gentle mans anger
    • View Profile
Re: Pen Test: Finding the db server
« Reply #1 on: October 01, 2012, 04:29:50 am »
Not giving specific commands, just theories here...
But i would imagine instead of doing a netcat you should try and find the other machines on the network by name, look under network connections or something? Your goal is to find their name because humans are predictable, and as such they are very likely to name their DB machine "Database" or "Storage" or "DBServer" so on so forth.
Though if you mean database for their user info on the website...that'll be stored somewhere on the web machine itself. For instance, all web login ID's and Pwds will be stored in a DB on their web server. So poke around that machine a bit more if that's what your after
Report to moderator   Logged
This lifestyle is strictly DIY or GTFO - lucid

Because sexploits are for h0edays - noncetonic


Xires burns the souls of HF skids as a power supply

Offline relax

  • Sir
  • ***
  • Posts: 562
  • Cookies: 114
  • The one and only
    • View Profile
Re: Pen Test: Finding the db server
« Reply #2 on: October 01, 2012, 04:39:09 am »
just thinking out loud ^^

its a web server...ok
what kind?
what kind of databas is it?

what kind of files on that machine has access to the database?
programs? scripts?

i mean insted of searching for a database u might find more luck searching for a connection

php script with mysql->mysql config file maby has the info..
a program has a connection-->config of program OR close program, and monitor connections when you open program again...


would you like to give a little more info?
i might be totaly lost with my thinking ^^
Report to moderator   Logged

Offline _SpyMachine

  • Serf
  • *
  • Posts: 36
  • Cookies: 0
    • View Profile
Re: Pen Test: Finding the db server
« Reply #3 on: October 01, 2012, 04:41:50 am »
hmm, okay. I didn't realize that login information would definitely be on the web server. I'll take a closer look. I saw a NoSQL db, but i don't think it was running. Hmm maybe I need to take another look at that. Thanks guys. I'll post here again if I have an update.
Report to moderator   Logged
"And it's so sad to see the world agree
That they'd rather see their faces fill with flies
All when I'd want to keep white roses in their eyes"
Pages: [1]