├── 8b01108faae90a.jpg
├── README.md
├── SharpSQLDump.sln
└── SharpSQLDump
├── Program.cs
├── Properties
└── AssemblyInfo.cs
├── SharpSQLDump.csproj
├── app.config
├── bin
└── Release
│ ├── SharpSQLDump.exe.config
│ ├── SharpSQLDump.vshost.exe
│ ├── SharpSQLDump.vshost.exe.config
│ └── SharpSQLDump.vshost.exe.manifest
└── obj
└── Release
└── SharpSQLDump.csproj.FileListAbsolute.txt
/8b01108faae90a.jpg:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/uknowsec/SharpSQLDump/251c409ef9a10e24dd88acbaed390a4de0e5f373/8b01108faae90a.jpg
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # SharpSQLDump
2 |
3 | ## 简介
4 | 内网渗透中快速获取数据库所有库名,表名,列名;具体判断后再去翻数据,节省时间;适用于mysql,mssql。
5 |
6 | ## 使用方法
7 |
8 | ```
9 | > SharpSQLDump.exe
10 |
11 | Author: Uknow
12 | Github: https://github.com/uknowsec/SharpSQLDump
13 |
14 | Usage: SharpSQLDump.exe -h ip -u username -p password -mysql
15 | SharpSQLDump.exe -h ip -u username -p password -mssql
16 | ```
17 |
18 | 
19 |
--------------------------------------------------------------------------------
/SharpSQLDump.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio 2012
4 | Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "SharpSQLDump", "SharpSQLDump\SharpSQLDump.csproj", "{E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}"
5 | EndProject
6 | Global
7 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
8 | Debug|Any CPU = Debug|Any CPU
9 | Release|Any CPU = Release|Any CPU
10 | EndGlobalSection
11 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
12 | {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
13 | {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}.Debug|Any CPU.Build.0 = Debug|Any CPU
14 | {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}.Release|Any CPU.ActiveCfg = Release|Any CPU
15 | {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}.Release|Any CPU.Build.0 = Release|Any CPU
16 | EndGlobalSection
17 | GlobalSection(SolutionProperties) = preSolution
18 | HideSolutionNode = FALSE
19 | EndGlobalSection
20 | EndGlobal
21 |
--------------------------------------------------------------------------------
/SharpSQLDump/Program.cs:
--------------------------------------------------------------------------------
1 | using System;
2 | using System.Collections.Generic;
3 | using System.Linq;
4 | using System.Text;
5 | using System.Data;
6 | using System.Data.SqlClient;
7 | using MySql.Data.MySqlClient;
8 | using System.Collections;
9 |
10 | namespace SharpSQLDump
11 | {
12 | class Program
13 | {
14 | static void Main(string[] args)
15 | {
16 | System.Console.WriteLine("");
17 | System.Console.WriteLine("Author: Uknow");
18 | System.Console.WriteLine("Github: https://github.com/uknowsec/SharpSQLDump");
19 | System.Console.WriteLine("");
20 | if (args.Length != 7)
21 | {
22 | System.Console.WriteLine("Usage: SharpSQLDump.exe -h ip -u username -p password -mysql");
23 | System.Console.WriteLine(" SharpSQLDump.exe -h ip -u username -p password -mssql");
24 | }
25 | if (args.Length >= 7 && (args[6] == "-mysql"))
26 | {
27 | Console.WriteLine("\r\n==================== SharpSQLDump --> MySQL ====================\r\n");
28 | MySql(args[1],args[3],args[5]);
29 | Console.ForegroundColor = ConsoleColor.White;
30 | }
31 | if (args.Length >= 7 && (args[6] == "-mssql"))
32 | {
33 | Console.WriteLine("\r\n==================== SharpSQLDump --> MsSQL========== ==========\r\n");
34 | MsSql(args[1], args[3], args[5]);
35 | Console.ForegroundColor = ConsoleColor.White;
36 | }
37 | }
38 |
39 | public static void MsSql(String host, String username, String password)
40 | {
41 | ArrayList Datebase = MsSQL_DateBase(host, username, password);
42 | foreach (string date in Datebase)
43 | {
44 | Console.ForegroundColor = ConsoleColor.Red;
45 | Console.WriteLine("\n\n[*] DataBases: " + date + " ");
46 | ArrayList Tables = MsSQL_Table(host, username, password, date);
47 | foreach (string table in Tables)
48 | {
49 | ArrayList Columns = MsSQL_Column(host, username, password, date, table);
50 | int count = MsSQL_Count(host, username, password, date, table);
51 | Console.ForegroundColor = ConsoleColor.Green;
52 | Console.Write("\n\t[+] Tables: " + String.Format("{0,-12}", table));
53 | Console.ForegroundColor = ConsoleColor.Blue;
54 | Console.WriteLine("\n\t\tCount: " + count + "\n");
55 | Console.ForegroundColor = ConsoleColor.White;
56 | Console.Write("\t\t[-] Columns: [");
57 | foreach (string column in Columns)
58 | {
59 | Console.Write(column + " ");
60 | }
61 | Console.WriteLine("]");
62 | }
63 | }
64 | }
65 |
66 | public static void MySql(String host, String username, String password){
67 | ArrayList Datebase = MySQL_DateBase(host, username, password);
68 | foreach (string date in Datebase)
69 | {
70 | Console.ForegroundColor = ConsoleColor.Red;
71 | Console.WriteLine("\n\n[*] DataBases: " + date + " ");
72 | ArrayList Tables = MySQL_Table(host, username, password, date);
73 | foreach (string table in Tables)
74 | {
75 | ArrayList Columns = MySQL_Column(host, username, password, date, table);
76 | int count = MySQL_Count(host, username, password, date, table);
77 | Console.ForegroundColor = ConsoleColor.Green;
78 | Console.Write("\n\t[+] Tables: " + String.Format("{0,-12}", table));
79 | Console.ForegroundColor = ConsoleColor.Blue;
80 | Console.WriteLine("\n\t\tCount: " + count + "\n");
81 | Console.ForegroundColor = ConsoleColor.White;
82 | Console.Write("\t\t[-] Columns: [");
83 | foreach (string column in Columns)
84 | {
85 | Console.Write(column+" ");
86 | }
87 | Console.WriteLine("]");
88 | }
89 | }
90 | }
91 |
92 | public static ArrayList MySQL_DateBase(string server,string username,string password,string port="3306")
93 | {
94 | //Ip+端口+数据库名+用户名+密码
95 | string connectStr = "server=" + server + ";port=" + port + ";database=information_schema" + ";user=" + username + ";password=" + password + ";";
96 | ArrayList datebase = new ArrayList();
97 | MySqlConnection conn = new MySqlConnection(connectStr); ;
98 | try
99 | {
100 | conn.Open();//跟数据库建立连接,并打开连接
101 | string sql = "select schema_name from information_schema.schemata";
102 | MySqlCommand cmd = new MySqlCommand(sql, conn);
103 | MySql.Data.MySqlClient.MySqlDataReader msqlReader = cmd.ExecuteReader();
104 | while (msqlReader.Read())
105 | { //do something with each record
106 | // Console.WriteLine(" Datebase: " + msqlReader[0]);
107 | if ((msqlReader[0].ToString() != "information_schema") && (msqlReader[0].ToString() != "mysql") && (msqlReader[0].ToString() != "performance_schema") && (msqlReader[0].ToString() != "sys"))
108 | {
109 | datebase.Add(msqlReader[0]);
110 | }
111 | }
112 | }
113 | catch (Exception e)
114 | {
115 | Console.WriteLine(e.ToString());
116 | }
117 | finally
118 | {
119 | conn.Clone();
120 | }
121 | return datebase;
122 | }
123 | public static ArrayList MsSQL_DateBase(string Server, string User, string Password)
124 | {
125 | //Ip+端口+数据库名+用户名+密码
126 | string connectionString = "Server = " + Server + ";" + "Database = master;" + "User ID = " + User + ";" + "Password = " + Password + ";";
127 | ArrayList datebase = new ArrayList();
128 | SqlConnection conn = new SqlConnection(connectionString); ;
129 | try
130 | {
131 | conn.Open();//跟数据库建立连接,并打开连接
132 | string sql = "SELECT NAME FROM MASTER.DBO.SYSDATABASES ORDER BY NAME";
133 | SqlCommand cmd = new SqlCommand(sql, conn);
134 | SqlDataReader msqlReader = cmd.ExecuteReader();
135 | while (msqlReader.Read())
136 | { //do something with each record
137 | // Console.WriteLine(" Datebase: " + msqlReader[0]);
138 | if ((msqlReader[0].ToString() != "master") && (msqlReader[0].ToString() != "model") && (msqlReader[0].ToString() != "msdb") && (msqlReader[0].ToString() != "tempdb"))
139 | {
140 | datebase.Add(msqlReader[0]);
141 | }
142 | }
143 | msqlReader.Close(); //要记得每次调用SqlDataReader读取数据后,都要Close();
144 | }
145 | catch (Exception e)
146 | {
147 | Console.WriteLine(e.ToString());
148 | }
149 | finally
150 | {
151 | conn.Close();
152 | }
153 | return datebase;
154 | }
155 |
156 | public static ArrayList MySQL_Table(string server, string username, string password,string database, string port = "3306")
157 | {
158 | //Ip+端口+数据库名+用户名+密码
159 | string connectStr = "server=" + server + ";port=" + port + ";database=information_schema" + ";user=" + username + ";password=" + password + ";";
160 | ArrayList tables = new ArrayList();
161 | MySqlConnection conn = new MySqlConnection(connectStr); ;
162 | try
163 | {
164 | conn.Open();//跟数据库建立连接,并打开连接
165 | string sql = "select table_name from information_schema.tables where table_schema='" + database + "';";
166 | MySqlCommand cmd = new MySqlCommand(sql, conn);
167 | MySql.Data.MySqlClient.MySqlDataReader msqlReader = cmd.ExecuteReader();
168 | while (msqlReader.Read())
169 | { //do something with each record
170 | tables.Add(msqlReader[0]);
171 | }
172 | }
173 | catch (Exception e)
174 | {
175 | Console.WriteLine(e.ToString());
176 | }
177 | finally
178 | {
179 | conn.Clone();
180 | }
181 | return tables;
182 | }
183 |
184 | public static ArrayList MsSQL_Table(string Server, string User, string Password, string DataBase)
185 | {
186 | //Ip+端口+数据库名+用户名+密码
187 | string connectionString = "Server = " + Server + ";" + "Database =" + DataBase + ";" + "User ID = " + User + ";" + "Password = " + Password + ";";
188 | ArrayList tables = new ArrayList();
189 | SqlConnection conn = new SqlConnection(connectionString); ;
190 | try
191 | {
192 | conn.Open();//跟数据库建立连接,并打开连接
193 | string sql = "SELECT NAME FROM SYSOBJECTS WHERE XTYPE='U' ORDER BY NAME";
194 | SqlCommand cmd = new SqlCommand(sql, conn);
195 | SqlDataReader msqlReader = cmd.ExecuteReader();
196 | while (msqlReader.Read())
197 | { //do something with each record
198 | tables.Add(msqlReader[0]);
199 | }
200 | msqlReader.Close(); //要记得每次调用SqlDataReader读取数据后,都要Close();
201 | }
202 | catch (Exception e)
203 | {
204 | Console.WriteLine(e.ToString());
205 | }
206 | finally
207 | {
208 | conn.Close();
209 | }
210 | return tables;
211 | }
212 |
213 | public static ArrayList MySQL_Column(string server, string username, string password, string database,string table ,string port = "3306")
214 | {
215 | //Ip+端口+数据库名+用户名+密码
216 | string connectStr = "server=" + server + ";port=" + port + ";database=information_schema" + ";user=" + username + ";password=" + password + ";";
217 | ArrayList columns = new ArrayList();
218 | MySqlConnection conn = new MySqlConnection(connectStr); ;
219 | try
220 | {
221 | conn.Open();//跟数据库建立连接,并打开连接
222 | string sql = "select column_name from information_schema.columns where table_schema='" + database + "' and table_name='" + table + "'";
223 | MySqlCommand cmd = new MySqlCommand(sql, conn);
224 | MySql.Data.MySqlClient.MySqlDataReader msqlReader = cmd.ExecuteReader();
225 | while (msqlReader.Read())
226 | { //do something with each record
227 | columns.Add(msqlReader[0]);
228 | }
229 | }
230 | catch (Exception e)
231 | {
232 | Console.WriteLine(e.ToString());
233 | }
234 | finally
235 | {
236 | conn.Clone();
237 | }
238 | return columns;
239 | }
240 |
241 | public static ArrayList MsSQL_Column(string Server, string User, string Password, string DataBase, string table)
242 | {
243 | //Ip+端口+数据库名+用户名+密码
244 | string connectionString = "Server = " + Server + ";" + "Database =" + DataBase + ";" + "User ID = " + User + ";" + "Password = " + Password + ";";
245 | ArrayList columns = new ArrayList();
246 | SqlConnection conn = new SqlConnection(connectionString); ;
247 | try
248 | {
249 | conn.Open();//跟数据库建立连接,并打开连接
250 | string sql = "SELECT NAME FROM SYSCOLUMNS WHERE ID=OBJECT_ID('" + table + "');";
251 | SqlCommand cmd = new SqlCommand(sql, conn);
252 | SqlDataReader msqlReader = cmd.ExecuteReader();
253 | while (msqlReader.Read())
254 | { //do something with each record
255 | columns.Add(msqlReader[0]);
256 | }
257 | msqlReader.Close(); //要记得每次调用SqlDataReader读取数据后,都要Close();
258 | }
259 | catch (Exception e)
260 | {
261 | Console.WriteLine(e.ToString());
262 | }
263 | finally
264 | {
265 | conn.Close();
266 | }
267 | return columns;
268 | }
269 |
270 | public static int MySQL_Count(string server, string username, string password, string database, string table, string port = "3306")
271 | {
272 | string connectStr = "server=" + server + ";port=" + port + ";database=" + database + ";user=" + username + ";password=" + password + ";";
273 | // server=127.0.0.1/localhost 代表本机,端口号port默认是3306可以不写
274 | MySqlConnection conn = new MySqlConnection(connectStr);
275 | try
276 | {
277 | conn.Open();//打开通道,建立连接,可能出现异常,使用try catch语句
278 | string sql = "select count(*) from " + table;
279 | MySqlCommand cmd = new MySqlCommand(sql, conn);
280 | Object result = cmd.ExecuteScalar();//执行查询,并返回查询结果集中第一行的第一列。所有其他的列和行将被忽略。select语句无记录返回时,ExecuteScalar()返回NULL值
281 | if (result != null)
282 | {
283 | int count = int.Parse(result.ToString());
284 | return count;
285 | }
286 | }
287 | catch (MySqlException ex)
288 | {
289 | Console.WriteLine(ex.Message);
290 | }
291 | finally
292 | {
293 | conn.Close();
294 | }
295 | return 0;
296 | }
297 |
298 | public static int MsSQL_Count(string Server, string User, string Password, string DataBase, string table)
299 | {
300 | //Ip+端口+数据库名+用户名+密码
301 | string connectionString = "Server = " + Server + ";" + "Database =" + DataBase + ";" + "User ID = " + User + ";" + "Password = " + Password + ";";
302 | ArrayList columns = new ArrayList();
303 | SqlConnection conn = new SqlConnection(connectionString); ;
304 | try
305 | {
306 | conn.Open();//跟数据库建立连接,并打开连接
307 | string sql = "select count(*) from " + table;
308 | SqlCommand cmd = new SqlCommand(sql, conn);
309 | SqlDataReader msqlReader = cmd.ExecuteReader();
310 | while (msqlReader.Read())
311 | { //do something with each record
312 | int count = int.Parse(msqlReader[0].ToString());
313 | return count;
314 | }
315 | msqlReader.Close(); //要记得每次调用SqlDataReader读取数据后,都要Close();
316 | }
317 | catch (Exception e)
318 | {
319 | Console.WriteLine(e.ToString());
320 | }
321 | finally
322 | {
323 | conn.Close();
324 | }
325 | return 0;
326 | }
327 |
328 | }
329 | }
330 |
--------------------------------------------------------------------------------
/SharpSQLDump/Properties/AssemblyInfo.cs:
--------------------------------------------------------------------------------
1 | using System.Reflection;
2 | using System.Runtime.CompilerServices;
3 | using System.Runtime.InteropServices;
4 |
5 | // 有关程序集的常规信息通过以下
6 | // 特性集控制。更改这些特性值可修改
7 | // 与程序集关联的信息。
8 | [assembly: AssemblyTitle("SharpSQLDump")]
9 | [assembly: AssemblyDescription("")]
10 | [assembly: AssemblyConfiguration("")]
11 | [assembly: AssemblyCompany("")]
12 | [assembly: AssemblyProduct("SharpSQLDump")]
13 | [assembly: AssemblyCopyright("Copyright © 2019")]
14 | [assembly: AssemblyTrademark("")]
15 | [assembly: AssemblyCulture("")]
16 |
17 | // 将 ComVisible 设置为 false 使此程序集中的类型
18 | // 对 COM 组件不可见。如果需要从 COM 访问此程序集中的类型,
19 | // 则将该类型上的 ComVisible 特性设置为 true。
20 | [assembly: ComVisible(false)]
21 |
22 | // 如果此项目向 COM 公开,则下列 GUID 用于类型库的 ID
23 | [assembly: Guid("e7dc101b-1ca0-4eb6-8854-81f49b99d61e")]
24 |
25 | // 程序集的版本信息由下面四个值组成:
26 | //
27 | // 主版本
28 | // 次版本
29 | // 生成号
30 | // 修订号
31 | //
32 | // 可以指定所有这些值,也可以使用“生成号”和“修订号”的默认值,
33 | // 方法是按如下所示使用“*”:
34 | // [assembly: AssemblyVersion("1.0.*")]
35 | [assembly: AssemblyVersion("1.0.0.0")]
36 | [assembly: AssemblyFileVersion("1.0.0.0")]
37 |
--------------------------------------------------------------------------------
/SharpSQLDump/SharpSQLDump.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | Debug
6 | AnyCPU
7 | {E48E9BC1-F648-42F6-BCB0-F40ADB1A130D}
8 | Exe
9 | Properties
10 | SharpSQLDump
11 | SharpSQLDump
12 | v3.5
13 | 512
14 |
15 |
16 |
17 | AnyCPU
18 | true
19 | full
20 | false
21 | bin\Debug\
22 | DEBUG;TRACE
23 | prompt
24 | 4
25 |
26 |
27 | AnyCPU
28 | pdbonly
29 | true
30 | bin\Release\
31 | TRACE
32 | prompt
33 | 4
34 |
35 |
36 |
37 | C:\Users\HP\Downloads\超级弱口令检查工具V1.0 Beta17 20171217\超级弱口令检查工具V1.0 Beta17 20171217\MySql.Data.dll
38 |
39 |
40 |
41 |
42 |
43 |
44 |
45 |
46 |
47 |
48 |
49 |
50 |
51 |
52 |
53 |
54 |
55 |
62 |
--------------------------------------------------------------------------------
/SharpSQLDump/app.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/SharpSQLDump/bin/Release/SharpSQLDump.exe.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/SharpSQLDump/bin/Release/SharpSQLDump.vshost.exe:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/uknowsec/SharpSQLDump/251c409ef9a10e24dd88acbaed390a4de0e5f373/SharpSQLDump/bin/Release/SharpSQLDump.vshost.exe
--------------------------------------------------------------------------------
/SharpSQLDump/bin/Release/SharpSQLDump.vshost.exe.config:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
--------------------------------------------------------------------------------
/SharpSQLDump/bin/Release/SharpSQLDump.vshost.exe.manifest:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/SharpSQLDump/obj/Release/SharpSQLDump.csproj.FileListAbsolute.txt:
--------------------------------------------------------------------------------
1 | D:\vscode\c_test\SharpSQLDump\SharpSQLDump\bin\Release\SharpSQLDump.exe.config
2 |
--------------------------------------------------------------------------------