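Repository: uknowsec/SharpSQLDump Branch: master Commit: 251c409ef9a1 Files: 10 Total size: 20.1 KB Directory structure: gitextract_ure2ha1w/ ├── README.md ├── SharpSQLDump/ │ ├── Program.cs │ ├── Properties/ │ │ └── AssemblyInfo.cs │ ├── SharpSQLDump.csproj │ ├── app.config │ ├── bin/ │ │ └── Release/ │ │ ├── SharpSQLDump.exe.config │ │ ├── SharpSQLDump.vshost.exe.config │ │ └── SharpSQLDump.vshost.exe.manifest │ └── obj/ │ └── Release/ │ └── SharpSQLDump.csproj.FileListAbsolute.txt └── SharpSQLDump.sln ================================================ FILE CONTENTS ================================================ ================================================ FILE: README.md ================================================ # SharpSQLDump ## 简介 内网渗透中快速获取数据库所有库名,表名,列名;具体判断后再去翻数据,节省时间;适用于mysql,mssql。 ## 使用方法 ``` > SharpSQLDump.exe Author: Uknow Github: https://github.com/uknowsec/SharpSQLDump Usage: SharpSQLDump.exe -h ip -u username -p password -mysql SharpSQLDump.exe -h ip -u username -p password -mssql ``` ![](https://github.com/uknowsec/SharpSQLDump/blob/master/8b01108faae90a.jpg) ================================================ FILE: SharpSQLDump/Program.cs ================================================
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data;
using System.Data.SqlClient;
// NOTE(review): the project file shown on this page appears to resolve MySql.Data.dll from a
// path under a user's Downloads folder that belongs to an unrelated tool. Anyone building
// this should reference a connector obtained from the vendor (or a pinned package) instead.
using MySql.Data.MySqlClient;
using System.Collections;

namespace SharpSQLDump
{
    /// <summary>
    /// Console utility that logs in to a MySQL or SQL Server instance with the supplied
    /// credentials and prints every non-system database, its tables, each table's row
    /// count and its column names. Only metadata and <c>count(*)</c> results are read.
    /// </summary>
    /// <remarks>
    /// Every public query method below opens its own connection, so one run produces a
    /// separate login per database listing, per table listing, and two per table (columns,
    /// then count). The statements are fixed: information_schema.schemata / tables / columns
    /// on MySQL, and MASTER.DBO.SYSDATABASES, SYSOBJECTS, SYSCOLUMNS on SQL Server, followed
    /// by one <c>select count(*)</c> per table. Database audit logging can key on that pattern.
    /// </remarks>
    class Program
    {
        // Schemas and databases that ship with the server and are left out of the listing.
        // The comparison is an exact, case-sensitive match, as in the original filter.
        private static readonly string[] MySqlSystemSchemas = { "information_schema", "mysql", "performance_schema", "sys" };
        private static readonly string[] MsSqlSystemDatabases = { "master", "model", "msdb", "tempdb" };

        /// <summary>
        /// Entry point. Prints the banner, prints usage when the argument count is not seven,
        /// and runs the MySQL or SQL Server listing selected by the seventh argument.
        /// </summary>
        /// <param name="args">
        /// Expected as <c>-h ip -u username -p password -mysql|-mssql</c>. Values are read by
        /// position (indices 1, 3, 5 and 6); the -h/-u/-p markers themselves are not checked.
        /// </param>
        static void Main(string[] args)
        {
            System.Console.WriteLine("");
            System.Console.WriteLine("Author: Uknow");
            System.Console.WriteLine("Github: https://github.com/uknowsec/SharpSQLDump");
            System.Console.WriteLine("");

            if (args.Length != 7)
            {
                System.Console.WriteLine("Usage: SharpSQLDump.exe -h ip -u username -p password -mysql");
                System.Console.WriteLine(" SharpSQLDump.exe -h ip -u username -p password -mssql");
            }

            // With fewer than seven arguments there is nothing to index; with more than seven
            // the usage text has been printed and the run still proceeds, as it always did.
            if (args.Length < 7)
            {
                return;
            }

            // NOTE(review): the password arrives in argv, so it is recorded wherever process
            // command lines are captured (process listings, command-line auditing).
            string host = args[1];
            string username = args[3];
            string password = args[5];
            string mode = args[6];

            if (mode == "-mysql")
            {
                Console.WriteLine("\r\n==================== SharpSQLDump --> MySQL ====================\r\n");
                MySql(host, username, password);
                Console.ForegroundColor = ConsoleColor.White;
            }

            if (mode == "-mssql")
            {
                Console.WriteLine("\r\n==================== SharpSQLDump --> MsSQL========== ==========\r\n");
                MsSql(host, username, password);
                Console.ForegroundColor = ConsoleColor.White;
            }
        }

        /// <summary>
        /// Prints, for every non-system SQL Server database, each user table with its row
        /// count and column names.
        /// </summary>
        /// <param name="host">Server address placed in the connection string.</param>
        /// <param name="username">SQL login name.</param>
        /// <param name="password">SQL login password.</param>
        public static void MsSql(String host, String username, String password)
        {
            ArrayList databases = MsSQL_DateBase(host, username, password);
            foreach (string database in databases)
            {
                PrintDatabaseHeader(database);
                ArrayList tables = MsSQL_Table(host, username, password, database);
                foreach (string table in tables)
                {
                    ArrayList columns = MsSQL_Column(host, username, password, database, table);
                    int count = MsSQL_Count(host, username, password, database, table);
                    PrintTable(table, count, columns);
                }
            }
        }

        /// <summary>
        /// Prints, for every non-system MySQL schema, each table with its row count and
        /// column names.
        /// </summary>
        /// <param name="host">Server address placed in the connection string.</param>
        /// <param name="username">MySQL account name.</param>
        /// <param name="password">MySQL account password.</param>
        public static void MySql(String host, String username, String password)
        {
            ArrayList databases = MySQL_DateBase(host, username, password);
            foreach (string database in databases)
            {
                PrintDatabaseHeader(database);
                ArrayList tables = MySQL_Table(host, username, password, database);
                foreach (string table in tables)
                {
                    ArrayList columns = MySQL_Column(host, username, password, database, table);
                    int count = MySQL_Count(host, username, password, database, table);
                    PrintTable(table, count, columns);
                }
            }
        }

        /// <summary>Writes the red per-database heading line.</summary>
        private static void PrintDatabaseHeader(string database)
        {
            Console.ForegroundColor = ConsoleColor.Red;
            Console.WriteLine("\n\n[*] DataBases: " + database + " ");
        }

        /// <summary>Writes one table entry: name, row count, then the column list.</summary>
        private static void PrintTable(string table, int count, ArrayList columns)
        {
            Console.ForegroundColor = ConsoleColor.Green;
            Console.Write("\n\t[+] Tables: " + String.Format("{0,-12}", table));
            Console.ForegroundColor = ConsoleColor.Blue;
            Console.WriteLine("\n\t\tCount: " + count + "\n");
            Console.ForegroundColor = ConsoleColor.White;
            Console.Write("\t\t[-] Columns: [");
            foreach (string column in columns)
            {
                Console.Write(column + " ");
            }
            Console.WriteLine("]");
        }

        /// <summary>
        /// Creates an unopened MySQL connection. The connection string is assembled with a
        /// connection-string builder so that a value containing ';' or '=' stays a value and
        /// cannot add or override connection options.
        /// </summary>
        private static MySqlConnection CreateMySqlConnection(string server, string username, string password, string database, string port)
        {
            System.Data.Common.DbConnectionStringBuilder builder = new System.Data.Common.DbConnectionStringBuilder();
            builder["server"] = server;
            builder["port"] = port;
            builder["database"] = database;
            builder["user"] = username;
            builder["password"] = password;
            return new MySqlConnection(builder.ConnectionString);
        }

        /// <summary>
        /// Creates an unopened SQL Server connection; values are escaped by
        /// <see cref="SqlConnectionStringBuilder"/> rather than concatenated.
        /// </summary>
        private static SqlConnection CreateMsSqlConnection(string server, string user, string password, string database)
        {
            SqlConnectionStringBuilder builder = new SqlConnectionStringBuilder();
            builder.DataSource = server;
            builder.InitialCatalog = database;
            builder.UserID = user;
            builder.Password = password;
            return new SqlConnection(builder.ConnectionString);
        }

        /// <summary>
        /// Opens the command's connection, runs the command and collects the first column of
        /// every row, skipping values listed in <paramref name="excluded"/>. The command and
        /// its connection are always disposed. Any error is printed and whatever was
        /// collected so far is returned.
        /// </summary>
        /// <param name="command">Command whose Connection is set and not yet open.</param>
        /// <param name="excluded">Exact names to leave out, or null to keep everything.</param>
        private static ArrayList RunListQuery(IDbCommand command, string[] excluded)
        {
            ArrayList values = new ArrayList();
            IDbConnection connection = command.Connection;
            try
            {
                connection.Open();
                using (IDataReader reader = command.ExecuteReader())
                {
                    while (reader.Read())
                    {
                        object value = reader[0];
                        if (excluded == null || Array.IndexOf(excluded, value.ToString()) < 0)
                        {
                            values.Add(value);
                        }
                    }
                }
            }
            catch (Exception e)
            {
                Console.WriteLine(e.ToString());
            }
            finally
            {
                // The MySQL methods used to call conn.Clone() here, which copies the
                // connection object and leaves the open one unclosed.
                command.Dispose();
                connection.Dispose();
            }
            return values;
        }

        /// <summary>
        /// Opens the command's connection, runs a scalar count query and returns the result
        /// as an int. Returns 0 when the query fails (the error is printed) or yields nothing.
        /// </summary>
        private static int RunCountQuery(IDbCommand command)
        {
            IDbConnection connection = command.Connection;
            try
            {
                connection.Open();
                object result = command.ExecuteScalar();
                if (result != null && result != DBNull.Value)
                {
                    // A count may come back as a 64-bit value; clamp instead of overflowing.
                    long rows = Convert.ToInt64(result);
                    return rows > int.MaxValue ? int.MaxValue : (int)rows;
                }
            }
            catch (Exception e)
            {
                Console.WriteLine(e.ToString());
            }
            finally
            {
                command.Dispose();
                connection.Dispose();
            }
            return 0;
        }

        /// <summary>
        /// Quotes a MySQL identifier with backticks, doubling any embedded backtick. Table
        /// names come from the server being queried, so they are not spliced in raw.
        /// </summary>
        private static string QuoteMySqlIdentifier(string name)
        {
            return "`" + name.Replace("`", "``") + "`";
        }

        /// <summary>Quotes a SQL Server identifier with brackets, doubling any embedded ']'.</summary>
        private static string QuoteMsSqlIdentifier(string name)
        {
            return "[" + name.Replace("]", "]]") + "]";
        }

        /// <summary>Lists MySQL schema names, excluding the built-in system schemas.</summary>
        /// <param name="server">Server address.</param>
        /// <param name="username">Account name.</param>
        /// <param name="password">Account password.</param>
        /// <param name="port">TCP port as text; defaults to 3306.</param>
        /// <returns>Schema names in the order the server returned them; empty on failure.</returns>
        public static ArrayList MySQL_DateBase(string server, string username, string password, string port = "3306")
        {
            MySqlCommand command = new MySqlCommand(
                "select schema_name from information_schema.schemata",
                CreateMySqlConnection(server, username, password, "information_schema", port));
            return RunListQuery(command, MySqlSystemSchemas);
        }

        /// <summary>Lists SQL Server database names, excluding master, model, msdb and tempdb.</summary>
        /// <param name="Server">Server address.</param>
        /// <param name="User">SQL login name.</param>
        /// <param name="Password">SQL login password.</param>
        /// <returns>Database names ordered by name; empty on failure.</returns>
        public static ArrayList MsSQL_DateBase(string Server, string User, string Password)
        {
            SqlCommand command = new SqlCommand(
                "SELECT NAME FROM MASTER.DBO.SYSDATABASES ORDER BY NAME",
                CreateMsSqlConnection(Server, User, Password, "master"));
            return RunListQuery(command, MsSqlSystemDatabases);
        }

        /// <summary>Lists the table names of one MySQL schema.</summary>
        /// <param name="server">Server address.</param>
        /// <param name="username">Account name.</param>
        /// <param name="password">Account password.</param>
        /// <param name="database">Schema whose tables are listed; sent as a query parameter.</param>
        /// <param name="port">TCP port as text; defaults to 3306.</param>
        /// <returns>Table names; empty on failure.</returns>
        public static ArrayList MySQL_Table(string server, string username, string password, string database, string port = "3306")
        {
            MySqlCommand command = new MySqlCommand(
                "select table_name from information_schema.tables where table_schema=@schema",
                CreateMySqlConnection(server, username, password, "information_schema", port));
            command.Parameters.AddWithValue("@schema", database);
            return RunListQuery(command, null);
        }

        /// <summary>Lists the user tables (XTYPE='U') of one SQL Server database.</summary>
        /// <param name="Server">Server address.</param>
        /// <param name="User">SQL login name.</param>
        /// <param name="Password">SQL login password.</param>
        /// <param name="DataBase">Database to connect to.</param>
        /// <returns>Table names ordered by name; empty on failure.</returns>
        public static ArrayList MsSQL_Table(string Server, string User, string Password, string DataBase)
        {
            SqlCommand command = new SqlCommand(
                "SELECT NAME FROM SYSOBJECTS WHERE XTYPE='U' ORDER BY NAME",
                CreateMsSqlConnection(Server, User, Password, DataBase));
            return RunListQuery(command, null);
        }

        /// <summary>Lists the column names of one MySQL table.</summary>
        /// <param name="server">Server address.</param>
        /// <param name="username">Account name.</param>
        /// <param name="password">Account password.</param>
        /// <param name="database">Schema containing the table; sent as a query parameter.</param>
        /// <param name="table">Table name; sent as a query parameter.</param>
        /// <param name="port">TCP port as text; defaults to 3306.</param>
        /// <returns>Column names; empty on failure.</returns>
        public static ArrayList MySQL_Column(string server, string username, string password, string database, string table, string port = "3306")
        {
            MySqlCommand command = new MySqlCommand(
                "select column_name from information_schema.columns where table_schema=@schema and table_name=@table",
                CreateMySqlConnection(server, username, password, "information_schema", port));
            command.Parameters.AddWithValue("@schema", database);
            command.Parameters.AddWithValue("@table", table);
            return RunListQuery(command, null);
        }

        /// <summary>Lists the column names of one SQL Server table.</summary>
        /// <param name="Server">Server address.</param>
        /// <param name="User">SQL login name.</param>
        /// <param name="Password">SQL login password.</param>
        /// <param name="DataBase">Database to connect to.</param>
        /// <param name="table">Table name; sent as a parameter and bracket-quoted server-side.</param>
        /// <returns>Column names; empty on failure or when the name does not resolve.</returns>
        public static ArrayList MsSQL_Column(string Server, string User, string Password, string DataBase, string table)
        {
            // QUOTENAME makes OBJECT_ID treat the value as a single object name even when it
            // contains dots, quotes or brackets.
            SqlCommand command = new SqlCommand(
                "SELECT NAME FROM SYSCOLUMNS WHERE ID=OBJECT_ID(QUOTENAME(@table))",
                CreateMsSqlConnection(Server, User, Password, DataBase));
            command.Parameters.AddWithValue("@table", table);
            return RunListQuery(command, null);
        }

        /// <summary>Returns the row count of one MySQL table.</summary>
        /// <param name="server">Server address; 127.0.0.1 or localhost means the local machine.</param>
        /// <param name="username">Account name.</param>
        /// <param name="password">Account password.</param>
        /// <param name="database">Schema to connect to.</param>
        /// <param name="table">Table to count; quoted as an identifier.</param>
        /// <param name="port">TCP port as text; defaults to 3306.</param>
        /// <returns>The row count, capped at int.MaxValue, or 0 on failure.</returns>
        public static int MySQL_Count(string server, string username, string password, string database, string table, string port = "3306")
        {
            // An identifier cannot be bound as a parameter, so it is quoted instead.
            MySqlCommand command = new MySqlCommand(
                "select count(*) from " + QuoteMySqlIdentifier(table),
                CreateMySqlConnection(server, username, password, database, port));
            return RunCountQuery(command);
        }

        /// <summary>Returns the row count of one SQL Server table.</summary>
        /// <param name="Server">Server address.</param>
        /// <param name="User">SQL login name.</param>
        /// <param name="Password">SQL login password.</param>
        /// <param name="DataBase">Database to connect to.</param>
        /// <param name="table">Table to count; quoted as an identifier.</param>
        /// <returns>The row count, or 0 on failure.</returns>
        public static int MsSQL_Count(string Server, string User, string Password, string DataBase, string table)
        {
            // An identifier cannot be bound as a parameter, so it is quoted instead.
            SqlCommand command = new SqlCommand(
                "select count(*) from " + QuoteMsSqlIdentifier(table),
                CreateMsSqlConnection(Server, User, Password, DataBase));
            return RunCountQuery(command);
        }
    }
}
================================================ FILE: SharpSQLDump/Properties/AssemblyInfo.cs ================================================ using System.Reflection; using System.Runtime.CompilerServices; using System.Runtime.InteropServices; // 有关程序集的常规信息通过以下 // 特性集控制。更改这些特性值可修改 // 与程序集关联的信息。 [assembly: AssemblyTitle("SharpSQLDump")] [assembly: AssemblyDescription("")] [assembly: AssemblyConfiguration("")] [assembly: AssemblyCompany("")] [assembly: AssemblyProduct("SharpSQLDump")] [assembly: AssemblyCopyright("Copyright © 2019")] [assembly: AssemblyTrademark("")] [assembly: AssemblyCulture("")] // 将 ComVisible 设置为 false 使此程序集中的类型 // 对 COM 组件不可见。如果需要从 COM 访问此程序集中的类型, // 则将该类型上的 ComVisible 特性设置为 true。 [assembly: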
ComVisible(false)] // 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID [assembly: Guid("e7dc101b-1ca0-4eb6-8854-81f49b99d61e")] // 程序集的版本信息由下面四个值组成: // // 主版本 // 次版本 // 生成号 // 修订号 // // 可以指定所有这些值,也可以使用“生成号”和“修订号”的默认值, // 方法是按如下所示使用“*”: // [assembly: AssemblyVersion("1.0.*")] [assembly: AssemblyVersion("1.0.0.0")] [assembly: AssemblyFileVersion("1.0.0.0")] ================================================ FILE: SharpSQLDump/SharpSQLDump.csproj ================================================  Debug AnyCPU {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D} Exe Properties SharpSQLDump SharpSQLDump v3.5 512 AnyCPU true full false bin\Debug\ DEBUG;TRACE prompt 4 AnyCPU pdbonly true bin\Release\ TRACE prompt 4 C:\Users\HP\Downloads\超级弱口令检查工具V1.0 Beta17 20171217\超级弱口令检查工具V1.0 Beta17 20171217\MySql.Data.dll ================================================ FILE: SharpSQLDump/app.config ================================================ ================================================ FILE: SharpSQLDump/bin/Release/SharpSQLDump.exe.config ================================================ ================================================ FILE: SharpSQLDump/bin/Release/SharpSQLDump.vshost.exe.config ================================================ ================================================ FILE: SharpSQLDump/bin/Release/SharpSQLDump.vshost.exe.manifest ================================================  ================================================ FILE: SharpSQLDump/obj/Release/SharpSQLDump.csproj.FileListAbsolute.txt ================================================ D:\vscode\c_test\SharpSQLDump\SharpSQLDump\bin\Release\SharpSQLDump.exe.config ================================================ FILE: SharpSQLDump.sln ================================================  Microsoft Visual Studio Solution File, Format Version 12.00 # Visual Studio 2012 Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SharpSQLDump", "SharpSQLDump\SharpSQLDump.csproj", "{E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}" EndProject 
Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU Release|Any CPU = Release|Any CPU EndGlobalSection GlobalSection(ProjectConfigurationPlatforms) = postSolution {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}.Debug|Any CPU.Build.0 = Debug|Any CPU {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}.Release|Any CPU.ActiveCfg = Release|Any CPU {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}.Release|Any CPU.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE EndGlobalSection EndGlobal