search

26.Attacking-applications-connecting-to-services

hashtag
1. ELF Executable Analysis (octopus_checker)

hashtag
Overview

  • The octopus_checker binary attempts to connect to a database.

  • It likely contains a SQL connection string with credentials.

hashtag
Tools Used

  • GDB (GNU Debugger)

  • PEDA (Python Exploit Development Assistance for GDB)

hashtag
Steps to Analyze ELF Binary

  1. Run the binary in GDB.

  2. Disassemble the main function to find SQL connection string components.

  3. Identify the SQLDriverConnect call.

  4. Set a breakpoint at the SQLDriverConnect call.

  5. Run the program and examine the register values (specifically RDX) to find the connection string.

hashtag
GDB Commands

# Start debugging the ELF executable
gdb ./octopus_checker

# Set disassembly flavor to Intel syntax
set disassembly-flavor intel

# Disassemble the main function
disas main

# Set breakpoint at the identified address
b *0x<address>

# Run the program
run

hashtag
2. DLL File Analysis (MultimasterAPI.dll)

hashtag
Overview

  • MultimasterAPI.dll is a .NET assembly.

  • It may contain connection strings or credentials.

hashtag
Tools Used

  • Get-FileMetaData (PowerShell)

  • dnSpy (.NET assembly editor/debugger)

hashtag
Steps to Analyze DLL File

  1. Use Get-FileMetaData to extract metadata and potential strings.

  2. Use dnSpy to decompile and examine the DLL's source code.

  3. Inspect relevant classes (e.g., MultimasterAPI.Controllers -> ColleagueController) for connection strings.

hashtag
PowerShell Command

hashtag
3. General Attack Considerations

hashtag
1. Password Reusability

  • Check if extracted passwords are reused on other services.

hashtag
2. Password Spraying

  • Use extracted usernames and common passwords to test other services.

hashtag
4. Key Concepts

  • Connection Strings: Strings that contain information needed to connect to a database or service.

  • ELF Executables: Executable and Linkable Format, a common format for executable files on Linux systems.

  • DLL Files: Dynamic Link Libraries, files containing code and data that can be used by multiple programs on Windows systems.

  • GDB: GNU Debugger, a powerful tool for debugging programs.

  • dnSpy: A .NET assembly editor and debugger.

  • PEDA: Python Exploit Development Assistance for GDB.

hashtag
5. Important Notes

  • Always perform these actions on systems you have explicit permission to test.

  • Be aware of legal and ethical considerations.

  • Use extracted credentials responsibly.

Previous25.-Web-mass-assignment-vulnerabilitiesNext27.Other-notable-applications

Last updated