You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It is (typically) possible to extract all schemas from vulnerable web applications, but Hakuin now only extracts the default one, the one that the application is connected to. Supporting extraction of all schemas should only require rewriting the injected queries to take the DB name into consideration. For instance, users will become dbo.users.
The text was updated successfully, but these errors were encountered:
pruzko
changed the title
Extract all databases, not just the application one
Extract all schemas, not just the default one
Mar 31, 2024
Hakuin can now extract the list of all schemas by invoking Extractor.extract_schema_names() or via hk.py ... -x schemas. Furthermore, all extraction functions now have an extra parameter, to target a specific schema, e.g., Extractor.extract_table_names(schema='dbo') or hk.py ... -s dbo.
It is (typically) possible to extract all schemas from vulnerable web applications, but Hakuin now only extracts the default one, the one that the application is connected to. Supporting extraction of all schemas should only require rewriting the injected queries to take the DB name into consideration. For instance,
users
will becomedbo.users
.The text was updated successfully, but these errors were encountered: