[Tool hack] sql inject - Pangolin

Pangolin is a penetration testing, SQL Injection test tool on database security. It finds SQL Injection vulnerabitlities.Its goal is to detect and take advantage of SQL injection vulnerabilities on web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user”s specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.”

Pangolin release notes:
1. Enhanced ability to Inject.
2. Enhanced Auto-Analyzed Keywords function accuracy.
3. Add ability to auto dump table and column.  (This function will not re-dump data when data exist in Table view).
4. Fixed issue of garbled  Auto-Analyzed Keywords when SQL Injection point bee loaded. 
5. Fixed http header "Content-Length" issue. Auto delete this parameter.
6. Fixed issue of Table view.
7. Fixed issue of load from.
8. Fixed issue of Cookie Injection when valued contains "=".

Home page: http://www.nosec-inc.com/en/news/2010/1224/43.html

Download: Bản 3.2.3.1105 http://down3.nosec.org/pangolin_free_edition_3.2.3.1105.zip

Hướng dẫn: http://www.nosec-inc.com/en/uploads/PangolinWhitePaper.pdf

Hướng dẫn: http://www.nosec-inc.com/en/uploads/PangolinDataSheet.pdf

Có lẽ đây là quan trọng nhất:

Columns

about
access
accnt
accnts
account
accounts
admin
admin_id
admin_name
admin_pass
admin_passwd
admin_password
admin_pwd
admin_user
admin_userid
admin_username
adminemail
adminid
administrator
administrator_name
administrators
adminlogin
adminmail
adminname
adminpass
adminpassword
adminpaw
adminpwd
admins
AdminUID
adminuser
adminuserid
adminusername
aid
aim
apwd
auid
auth
authenticate
authentication
blog
cc_expires
cc_number
cc_owner
cc_type
cfg
cid
client
clientname
clientpassword
clients
clientusername
conf
config
contact
converge_pass_hash
converge_pass_salt
crack
customer
customers
customers_email_address
customers_password
cvvnumber]
data
db_database_name
db_hostname
db_password
db_username
download
e_mail
email
e-mail
emailaddress
emer
emni
emniplote
emri
fjalekalimi
fjalekalimin
full
gid
group
group_name
hash
hashsalt
homepage
icq
icq_number
id
id_group
id_member
images
ime
index
ip_address
ipaddress
kodi
korisnici
korisnik
kpro_user
last_ip
last_login
lastname
llogaria
log
login
login_admin
login_name
login_pass
login_passwd
login_password
login_pw
login_pwd
login_user
login_username
logini
loginkey
loginout
logins
logo
logohu
lozinka
mail
md5hash
mem_login
mem_pass
mem_passwd
mem_password
mem_pwd
member
member_login_key
member_name
memlogin
mempassword
mima
my_email
my_name
my_password
my_username
myname
mypassword
myusername
name
nc
new
news
nick
number
nummer
p_assword
p_word
pass
pass_hash
pass_w
pass_word
pass1word
passw
passwd
password
passwordsalt
passwort
passwrd
perdorimi
perdoruesi
personal_key
phone
privacy
psw
punetoret
punonjes
pw
pwd
pword
pwrd
salt
sb_admin_name
sb_pwd
search
secretanswer
secretquestion
serial
session_member_id
session_member_login_key
sesskey
setting
sid
sifra
spacer
status
store
store1
store2
store3
store4
table_prefix
temp_pass
temp_password
temppass
temppasword
text
u_name
uid
un
uname
user
user_admin
user_email
user_icq
user_id
user_ip
user_level
user_login
user_n
user_name
user_pass
user_passw
user_passwd
user_password
user_pw
user_pwd
user_pword
user_pwrd
user_un
user_uname
user_username
user_usernm
user_usernun
user_usrnm
user1
useradmin
userid
userip
userlogin
usern
username
usernm
userpass
userpassword
userpw
userpwd
users
usr
usr_n
usr_name
usr_pass
usr2
usrn
usrnam
usrname
usrnm
usrpass
usrs
warez
wp_users
xar_name
xar_pass

Tables

a_admin
account
accounts
ACT_INFO
adm
admin
admin_user
admin_userinfo
administrator
adminuser
art
article_admin
bbs
book
clubconfig
company
config
dbadmins
info
login
login_admin
login_admins
login_user
login_users
logins
lost_pass
lost_passwords
lostpass
lostpasswords
m_admin
manage
manager
member
memberlist
members
movie
movies
news
password
pwd
pwds
reguser
sb_host_admin
superuser
sysadmin
sysadmins
sysuser
sysusers
tb_admin
tb_administrator
tb_login
tb_member
tb_members
tb_user
tb_username
tb_usernames
tb_users
tbl_user
tbl_users
tbladmins
tblclients
tblservers
tbluser
user
user_admin
user_info
user_list
user_login
user_logins
user_names
userinfo
userlist
username
usernames
userrights
users
webadmin
webadmins
Webmaster
Webuser
x_admin

Như vậy, ngoài Havij, Pangolin là công cụ tro giúp cho việc tấn công bằng SQL Inject được nhanh chóng hơn :)) . Và, chúng ta nhận thấy 1 điều rằng :)). Điều quan trọng trong 2 tool này chính là cơ sở dữ liệu về Table và Columns. Biết đâu có cái bảng như này :)). Table name: Bang_admin , Các columns là: ten,email,matkhau :))