The Pillager 0.7 Release

I spent the last couple days recoding the Pillager, getting rid of bugs, optimizing code, making it more extendable and more solid overall. So this post is to release the new code.  However, with that being said, the Pillager is in mass revision right now and I added some more developers to the team to add a whole host of new database attacking features as well as moving past databases and into other areas of post exploitation pillaging. Soon to be released..  As usual this tool and any tool i create is based on my issues when performing penetration tests and solves those problems.. If you have any insight or comments i will certainly take them into consideration for future releases.

For now check out Version 0.7.. Named searches and Data searches via external config files are now functioning properly as well as other bugs fixed along the way... Drop this in a BT5 VM and make sure you have your DB python stuff installed per the help docs and you should be good to go.  If you are looking to use oracle you are going to have to install all the oracle nonsense from oracle or use a BT4r2 vm which has most of the needed drivers minus cxoracle which will need to be installed.

http://consolecowboys.org/pillager/pillage_0.7.zip



Ficti0n$ python pillager.py
 
[---] The Database Pillager (DBPillage) [---]
[---] CcLabs Release [---]
[---] Authors: Ficti0n, [---]
[---] Contributors: Steponequit [---]
[---] Version: 0.7 [---]
[---] Find Me On Twitter: ficti0n [---]
[---] Homepage: http://console-cowboys.blogspot.com [---]

Release Notes:
 --Fixed bugs and optimized code
 --Added Docstrings
 --Fixed Named and Data searches from config files                 

About:
The Database Pillager is a multiplatform database tool for searching and browsing common
database platforms encountered while penetration testing. DBPillage can be used to search
for PCI/HIPAA data automatically or use DBPillage to browse databases,display data.
and search for specified tables/data instances.
DBpillage was designed as a post exploitation pillaging tool with a goal of targeted
extraction of data without the use of database platform specific GUI based tools that
are difficult to use and make my job harder.

Supported Platforms:
        --------------------
-Oracle
-MSSQL
-MYSQL
        -PostGreSQL
     

        Usage Examples:
        ************************************************************************
        
        For Mysql Postgres and MsSQL pillaging:
        ---------------------------------------
        python dbPillage -a [address] -d [dbType] -u [username] -p [password]
        
        
        For Oracle pillaging you need a SID connection string:
        ------------------------------------------------------
        python dbPillage-a [address]/[sid] -d [dbType] -u [username] -p [password]
        

        Grab some hashes and Hipaa specific:(Default is PCI)
        ------------------------------------
        python dbPillage -a [address] -d [dbType] -u [username] -p [password] --hashes -s hipaa


Drop into a SQL CMDShell:
-------------------------
        python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -q

Config file specified searches:
-------------------------------
Search for data Items from inputFiles/data.txt:
        python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -D

Search for specific table names from inputFiles/tables.txt:
python dbpillage.py -a [address] -d [dbType] -u [username] -p [password] -N

     
     
        Switch Options:
        ---------------------
        -# --hashes = grab database password hashes
        -l --limit  = limit the amount of rows that are searched or when displaying data (options = any number)
        -s --searchType = Type of data search you want to perform (options:pci, hipaa, all)(PCI default)
        -u --user = Database servers username
        -p --pass = Password for the database server
        -a --address = Ipaddress of the database server
        -d --database = The database type you are pillageing (options: mssql,mysql,oracle,postgres)
        -r --report = report format (HTML, XML, screen(default))
        -N --nameSearch = Search via inputFiles/tables.txt
        -D --dataSearch = Targeted data searches per inputFiles/data.txt
-q --queryShell = Drop into a SQL CMDshell in mysql or mssql
     
     
        Prerequisites:
        -------------
        python v2  (Tested on Python 2.5.2 BT4 R2 and BT5 R3 - Oracle stuff on BT4r2 only unless you install the drivers from oracle)
        cx_oracle (cx-oracle.sourceforge.net)
        psycopg2  (initd.org/psycopg/download/)
        MySQLdb   (should be on BT by default)
        pymssql   (should be on BT by default)
     

More information

1. Pentest Tools For Mac
2. Hacking Tools Name
3. Black Hat Hacker Tools
4. Hack Apps
5. Hackrf Tools
6. Hacking Tools For Windows
7. Wifi Hacker Tools For Windows
8. Hacking Tools For Windows 7
9. Hacking Tools For Kali Linux
10. Hacker Tools Software
11. Hacker Tools Github
12. Hack Tools Download
13. Game Hacking
14. Pentest Tools Review
15. Pentest Tools Open Source
16. Best Hacking Tools 2020
17. Hacker Tools For Windows
18. Hack Tools Online
19. Github Hacking Tools
20. Hacking Tools Free Download
21. Pentest Tools Review
22. Hacker Tools For Windows
23. Hack Tools For Windows
24. Pentest Tools Download
25. World No 1 Hacker Software
26. Install Pentest Tools Ubuntu
27. Pentest Tools Alternative
28. Pentest Tools For Mac
29. Nsa Hack Tools
30. Hacking Tools For Beginners
31. Hacking Tools Hardware
32. Pentest Tools For Mac
33. Hacking Tools For Games
34. Best Pentesting Tools 2018
35. Hacking Tools And Software
36. Pentest Tools Free
37. Hack Tools 2019
38. Hack Tools Pc
39. Pentest Tools Find Subdomains
40. Hacking Tools Name
41. Hacking Tools Github
42. Hacker Tools Mac
43. Free Pentest Tools For Windows
44. Hacking Tools Download
45. Pentest Tools Windows
46. Pentest Tools Nmap
47. Hacking App
48. Hackrf Tools
49. Pentest Reporting Tools
50. Pentest Tools Kali Linux
51. Hacker Tools Apk Download
52. Best Pentesting Tools 2018
53. Hacking Tools Github
54. Pentest Tools List
55. Blackhat Hacker Tools
56. Hackers Toolbox
57. Hacking Tools Windows 10
58. Pentest Tools
59. Hacking Tools Hardware
60. Pentest Tools Kali Linux
61. Hacking Tools Windows 10
62. Bluetooth Hacking Tools Kali
63. What Are Hacking Tools
64. Hacking Tools Windows
65. Hack Tools For Pc
66. Pentest Tools For Windows
67. Pentest Tools Tcp Port Scanner
68. Hack Tools For Ubuntu
69. Computer Hacker
70. Hacker Tools Free
71. Pentest Tools Linux
72. Hacker Tools
73. Termux Hacking Tools 2019
74. Best Hacking Tools 2020
75. Nsa Hacker Tools
76. Install Pentest Tools Ubuntu
77. Hacker Tools Apk Download
78. Hack Tools For Pc
79. Hacking App
80. Pentest Tools For Android
81. Hack Tool Apk No Root
82. Hacking Tools Software
83. Hacker Tools Free
84. What Is Hacking Tools
85. Best Hacking Tools 2020
86. Hacking Tools Windows 10
87. World No 1 Hacker Software
88. Hacking Tools For Pc
89. Hacker Tools Free Download
90. Hak5 Tools
91. Install Pentest Tools Ubuntu
92. Install Pentest Tools Ubuntu
93. Best Pentesting Tools 2018
94. Pentest Tools List
95. Hacker Tools For Ios
96. Pentest Tools Subdomain
97. Black Hat Hacker Tools
98. Hacking Tools Kit
99. Hack Tools 2019
100. Pentest Tools Url Fuzzer
101. Hack Tools For Mac
102. What Are Hacking Tools
103. Pentest Tools Free
104. Tools For Hacker
105. Best Hacking Tools 2020
106. Hak5 Tools
107. Tools Used For Hacking
108. Bluetooth Hacking Tools Kali
109. Hacker Hardware Tools
110. What Is Hacking Tools
111. New Hacker Tools
112. How To Install Pentest Tools In Ubuntu
113. Hacking Tools Windows
114. Hacker Tools Apk
115. Tools 4 Hack
116. Hacker Security Tools
117. Hacker Tools Software
118. Hacking Tools Github
119. Computer Hacker
120. Hacking Tools For Windows Free Download
121. Hack Rom Tools
122. Hacker Tools Linux
123. Hack Apps
124. Pentest Tools Windows
125. Pentest Tools For Ubuntu
126. Hacking Tools Free Download
127. Pentest Tools Website
128. World No 1 Hacker Software
129. Best Hacking Tools 2019
130. Hack Tools 2019
131. Hack Tools Online
132. Pentest Tools Free
133. Hacking Tools Online
134. Hacker Tools
135. Hacking Tools For Games
136. Hack Tools Mac
137. Pentest Automation Tools
138. Hacker Tools
139. Hacker Security Tools
140. Github Hacking Tools
141. Pentest Tools Windows
142. Pentest Tools Port Scanner
143. Kik Hack Tools
144. Pentest Tools Url Fuzzer
145. Pentest Tools Framework
146. Pentest Tools Bluekeep
147. Pentest Tools Website
148. Pentest Tools Linux
149. Pentest Box Tools Download
150. Hackers Toolbox
151. Pentest Tools Subdomain
152. Best Hacking Tools 2020
153. Pentest Tools
154. Tools For Hacker
155. Pentest Tools For Windows
156. Hackers Toolbox
157. Hack And Tools