The Pillager 0.7 Release

I spent the last couple days recoding the Pillager, getting rid of bugs, optimizing code, making it more extendable and more solid overall. So this post is to release the new code.  However, with that being said, the Pillager is in mass revision right now and I added some more developers to the team to add a whole host of new database attacking features as well as moving past databases and into other areas of post exploitation pillaging. Soon to be released..  As usual this tool and any tool i create is based on my issues when performing penetration tests and solves those problems.. If you have any insight or comments i will certainly take them into consideration for future releases.

For now check out Version 0.7.. Named searches and Data searches via external config files are now functioning properly as well as other bugs fixed along the way... Drop this in a BT5 VM and make sure you have your DB python stuff installed per the help docs and you should be good to go.  If you are looking to use oracle you are going to have to install all the oracle nonsense from oracle or use a BT4r2 vm which has most of the needed drivers minus cxoracle which will need to be installed.

http://consolecowboys.org/pillager/pillage_0.7.zip



Ficti0n$ python pillager.py
 
[---] The Database Pillager (DBPillage) [---]
[---] CcLabs Release [---]
[---] Authors: Ficti0n, [---]
[---] Contributors: Steponequit [---]
[---] Version: 0.7 [---]
[---] Find Me On Twitter: ficti0n [---]
[---] Homepage: http://console-cowboys.blogspot.com [---]

Release Notes:
 --Fixed bugs and optimized code
 --Added Docstrings
 --Fixed Named and Data searches from config files                 

About:
The Database Pillager is a multiplatform database tool for searching and browsing common
database platforms encountered while penetration testing. DBPillage can be used to search
for PCI/HIPAA data automatically or use DBPillage to browse databases,display data.
and search for specified tables/data instances.
DBpillage was designed as a post exploitation pillaging tool with a goal of targeted
extraction of data without the use of database platform specific GUI based tools that
are difficult to use and make my job harder.

Supported Platforms:
        --------------------
-Oracle
-MSSQL
-MYSQL
        -PostGreSQL
     

        Usage Examples:
        ************************************************************************
        
        For Mysql Postgres and MsSQL pillaging:
        ---------------------------------------
        python dbPillage -a [address] -d [dbType] -u [username] -p [password]
        
        
        For Oracle pillaging you need a SID connection string:
        ------------------------------------------------------
        python dbPillage-a [address]/[sid] -d [dbType] -u [username] -p [password]
        

        Grab some hashes and Hipaa specific:(Default is PCI)
        ------------------------------------
        python dbPillage -a [address] -d [dbType] -u [username] -p [password] --hashes -s hipaa


Drop into a SQL CMDShell:
-------------------------
        python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -q

Config file specified searches:
-------------------------------
Search for data Items from inputFiles/data.txt:
        python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -D

Search for specific table names from inputFiles/tables.txt:
python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -N

     
     
        Switch Options:
        ---------------------
        -# --hashes = grab database password hashes
        -l --limit  = limit the amount of rows that are searched or when displaying data (options = any number)
        -s --searchType = Type of data search you want to perform (options:pci, hipaa, all)(PCI default)
        -u --user = Database servers username
        -p --pass = Password for the database server
        -a --address = Ipaddress of the database server
        -d --database = The database type you are pillageing (options: mssql,mysql,oracle,postgres)
        -r --report = report format (HTML, XML, screen(default))
        -N --nameSearch = Search via inputFiles/tables.txt
        -D --dataSearch = Targeted data searches per inputFiles/data.txt
-q --queryShell = Drop into a SQL CMDshell in mysql or mssql
     
     
        Prerequisites:
        -------------
        python v2  (Tested on Python 2.5.2 BT4 R2 and BT5 R3 - Oracle stuff on BT4r2 only unless you install the drivers from oracle)
        cx_oracle (cx-oracle.sourceforge.net)
        psycopg2  (initd.org/psycopg/download/)
        MySQLdb   (should be on BT by default)
        pymssql   (should be on BT by default)
     

Related word

1. Hack Tools For Games
2. Ethical Hacker Tools
3. Install Pentest Tools Ubuntu
4. Hacking Tools For Pc
5. Hacking Tools Software
6. Pentest Tools Website Vulnerability
7. Beginner Hacker Tools
8. Pentest Recon Tools
9. Termux Hacking Tools 2019
10. Hacker Hardware Tools
11. Hacker Tools Free
12. Hacker Tools Free Download
13. Pentest Tools Free
14. Hacker Hardware Tools
15. Hacker Tools For Mac
16. Hacking Tools For Windows
17. Hacker Tools Linux
18. Github Hacking Tools
19. Hacking Tools Software
20. Pentest Tools Url Fuzzer
21. Free Pentest Tools For Windows
22. Hacker Tools 2019
23. Game Hacking
24. Android Hack Tools Github
25. Pentest Tools Bluekeep
26. Hack Tools Pc
27. Android Hack Tools Github
28. Pentest Tools Github
29. Hacker Hardware Tools
30. Pentest Tools Alternative
31. Pentest Recon Tools
32. Hacking Apps
33. Hacker Hardware Tools
34. Hacker Tools Apk Download
35. Easy Hack Tools
36. Pentest Tools Tcp Port Scanner
37. Wifi Hacker Tools For Windows
38. Pentest Tools Bluekeep
39. Free Pentest Tools For Windows
40. Nsa Hack Tools Download
41. Growth Hacker Tools
42. Hacking Tools Download
43. Pentest Tools For Mac
44. How To Hack
45. New Hacker Tools
46. Android Hack Tools Github
47. Pentest Tools For Android
48. Pentest Tools Website Vulnerability
49. Pentest Recon Tools
50. How To Hack
51. Hack Tools Mac
52. Hacker
53. Best Hacking Tools 2020
54. World No 1 Hacker Software
55. Pentest Box Tools Download
56. Hacker Tools For Windows
57. Hacking Tools Free Download
58. Hacker Tools For Windows
59. Tools Used For Hacking
60. Hacking Tools Pc
61. Hacker Hardware Tools
62. Pentest Automation Tools
63. Hack Tools For Windows
64. Pentest Tools Apk
65. Hacker Tools Github
66. Hacking Tools For Windows
67. Hack Tools
68. Hacking Tools Windows 10
69. Pentest Tools Alternative
70. Hacker Tools Windows
71. Hacker Tools For Windows
72. Hacker Tools For Ios
73. Bluetooth Hacking Tools Kali
74. Nsa Hack Tools Download
75. Pentest Tools Tcp Port Scanner
76. Hacking Tools For Games
77. Hacking App
78. Android Hack Tools Github
79. Hacking Tools Github
80. Hack Tools
81. Hack Rom Tools
82. Hacker Tools Linux
83. Hacking Tools Mac
84. Hacker Tool Kit
85. Nsa Hack Tools Download
86. Pentest Tools Github
87. Hacking Tools Usb
88. Hak5 Tools
89. Wifi Hacker Tools For Windows
90. Pentest Tools For Mac
91. Hacking Tools 2020
92. Black Hat Hacker Tools
93. Hack Tool Apk No Root
94. Hacker Tools Free Download
95. Blackhat Hacker Tools
96. Pentest Tools Apk
97. Hack App
98. Hacker Techniques Tools And Incident Handling
99. Hack Apps
100. Hackers Toolbox
101. Pentest Automation Tools
102. Hacking Tools And Software
103. Free Pentest Tools For Windows
104. Hacking Tools For Beginners
105. Hacking Tools For Mac
106. How To Hack
107. Pentest Tools Kali Linux
108. Pentest Tools Nmap
109. Hacker Tools Software
110. What Is Hacking Tools