forked from sensepost/autoDANE
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcreatedb.sql
More file actions
408 lines (346 loc) · 13.5 KB
/
createdb.sql
File metadata and controls
408 lines (346 loc) · 13.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
grant all on *.* to 'root'@'%';
SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
CREATE SCHEMA IF NOT EXISTS `autodane` DEFAULT CHARACTER SET latin1 ;
USE `autodane` ;
-- -----------------------------------------------------
-- Table `autodane`.`cred_host_map`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `autodane`.`cred_host_map` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`host_data_id` INT(11) NOT NULL,
`domain_creds_id` INT(11) NOT NULL,
`successful` BIT(1) NOT NULL DEFAULT b'0',
`login_count` int(11) DEFAULT '0',
PRIMARY KEY (`id`))
ENGINE = InnoDB
AUTO_INCREMENT = 21
DEFAULT CHARACTER SET = latin1;
-- -----------------------------------------------------
-- Table `autodane`.`domain_creds`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `autodane`.`domain_creds` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`footprint_id` INT(11) NOT NULL,
`domain_name` VARCHAR(45) NOT NULL DEFAULT '',
`is_da` BIT(1) NOT NULL DEFAULT b'0',
`username` VARCHAR(45) NOT NULL DEFAULT '',
`cleartext_password` VARCHAR(150) NOT NULL DEFAULT '',
`lm_hash` VARCHAR(150) NOT NULL DEFAULT '',
`ntlm_hash` VARCHAR(150) NOT NULL DEFAULT '',
`http_ntlm_hash` VARCHAR(250) NOT NULL DEFAULT '',
PRIMARY KEY (`id`))
ENGINE = InnoDB
AUTO_INCREMENT = 5
DEFAULT CHARACTER SET = latin1;
-- -----------------------------------------------------
-- Table `autodane`.`domains`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `autodane`.`domains` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`footprint_id` INT(11) NOT NULL,
`domain_name` VARCHAR(45) NULL DEFAULT NULL,
`zone_transfer_attempted` BIT(1) NOT NULL DEFAULT b'0',
PRIMARY KEY (`id`))
ENGINE = InnoDB
AUTO_INCREMENT = 2
DEFAULT CHARACTER SET = latin1;
-- -----------------------------------------------------
-- Table `autodane`.`footprints`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `autodane`.`footprints` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`footprint_name` VARCHAR(45) NOT NULL,
`10_range_position` VARCHAR(45) NOT NULL DEFAULT '10.0.0.0/16',
`172_range_position` VARCHAR(45) NOT NULL DEFAULT '172.16.0.0.0/16',
`192_range_position` VARCHAR(45) NOT NULL DEFAULT '192.168.0.0/16',
`msfrpc_pass` VARCHAR(45) NULL DEFAULT NULL,
PRIMARY KEY (`id`))
ENGINE = InnoDB
AUTO_INCREMENT = 2
DEFAULT CHARACTER SET = latin1;
-- -----------------------------------------------------
-- Table `autodane`.`host_data`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `autodane`.`host_data` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`footprint_id` INT(11) NOT NULL,
`ip_address` VARCHAR(45) NOT NULL,
`host_name` VARCHAR(45) NOT NULL DEFAULT '',
`is_dc` BIT(1) NOT NULL DEFAULT b'0',
`dns_lookup_done` BIT(1) NULL DEFAULT b'0',
`port_scan_done` BIT(1) NULL DEFAULT b'0',
`creds_gathered` DATETIME NULL DEFAULT '1900-01-01 00:00:00',
`cred_gather_successful` BIT(1) NULL DEFAULT b'0',
`domain_creds_id` INT(11) NULL DEFAULT NULL,
PRIMARY KEY (`id`))
ENGINE = InnoDB
AUTO_INCREMENT = 8
DEFAULT CHARACTER SET = latin1;
-- -----------------------------------------------------
-- Table `autodane`.`ports`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `autodane`.`ports` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`host_data_id` INT(11) NOT NULL,
`port_num` INT(11) NOT NULL,
`vuln_checked` BIT(1) NOT NULL DEFAULT b'0',
`vulnerable` BIT(1) NOT NULL DEFAULT b'0',
`shell` BIT(1) NOT NULL DEFAULT b'0',
`notes` VARCHAR(100) NOT NULL DEFAULT '',
`vulnerability_name` VARCHAR(45) NOT NULL DEFAULT '',
`http_title_checked` BIT(1) NOT NULL DEFAULT b'0',
`http_title` VARCHAR(250) NOT NULL DEFAULT '',
`exploited` DATETIME NULL DEFAULT '1900-01-01 00:00:00',
PRIMARY KEY (`id`))
ENGINE = InnoDB
AUTO_INCREMENT = 14
DEFAULT CHARACTER SET = latin1;
-- -----------------------------------------------------
-- Table `autodane`.`ranges`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS `autodane`.`ranges` (
`id` INT(11) NOT NULL AUTO_INCREMENT,
`footprint_id` INT(11) NOT NULL,
`net_range` VARCHAR(45) NOT NULL,
`dns_lookups_done` BIT(1) NOT NULL DEFAULT b'0',
`port_scans_done` BIT(1) NOT NULL DEFAULT b'0',
PRIMARY KEY (`id`))
ENGINE = InnoDB
AUTO_INCREMENT = 2
DEFAULT CHARACTER SET = latin1;
USE `autodane` ;
-- -----------------------------------------------------
-- procedure addDomain
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`localhost` PROCEDURE `addDomain`(in _footprint_id int, in _domain_name varchar(45))
BEGIN
if (select count(*) from domains where footprint_id = _footprint_id and domain_name = _domain_name) = 0 then
insert into domains (footprint_id, domain_name) values (_footprint_id, _domain_name);
end if;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure addDomainCreds
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`%` PROCEDURE `addDomainCreds`(in _fp_id int, in _dn_n varchar(45), in _un varchar(45), in _ct_pw varchar(150), in _lm_h varchar(150), in _ntlm_h varchar(150), in http_ntlm_h varchar(150))
BEGIN
if (select count(*) from domain_creds where footprint_id = _fp_id and domain_name = _dn_n and username = _un) = 0 then
insert into domain_creds (footprint_id, domain_name, username) values (_fp_id, _dn_n, _un);
end if;
if (_ct_pw != "") then
update domain_creds set cleartext_password = _ct_pw where
footprint_id = _fp_id and domain_name = _dn_n and username = _un;
end if;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure addIP
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`localhost` PROCEDURE `addIP`(in _footprint_id int, _ip_address varchar(45), in is_dc bit)
BEGIN
if (select count(*) from host_data where footprint_id = _footprint_id and ip_address = _ip_address) = 0 then
insert into host_data (footprint_id, ip_address, is_dc) values (_footprint_id, _ip_address, is_dc);
end if;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure addLoginAttemptResult
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`%` PROCEDURE `addLoginAttemptResult`(in _host_data_id int, in _domain_creds_id int, in _success bit)
BEGIN
if (select count(*) from cred_host_map where host_data_id = _host_data_id and domain_creds_id = _domain_creds_id) = 0 then
insert into cred_host_map
(host_data_id, domain_creds_id, successful) values
(_host_data_id, _domain_creds_id, _success);
end if;
update cred_host_map set login_count = login_count+1 where
host_data_id = _host_data_id and
domain_creds_id = _domain_creds_id;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure addPort
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`localhost` PROCEDURE `addPort`(in _ip_address varchar(45), in _port_num int)
BEGIN
if (select count(*)from host_data h join ports p on h.id = p.host_data_id where h.ip_address = _ip_address and p.port_num = _port_num)= 0 then
insert into ports (host_data_id, port_num) values ((select id from host_data where ip_address = _ip_address limit 1), _port_num);
end if;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure addRange
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`localhost` PROCEDURE `addRange`(in _footprint_id int, in _net_range varchar(45))
BEGIN
if (select count(*) from ranges where footprint_id = _footprint_id and net_range = _net_range) = 0 then
insert into ranges (footprint_id, net_range) values (_footprint_id, _net_range);
end if;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure createFootprint
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`localhost` PROCEDURE `createFootprint`(in _footprint_name varchar(45))
BEGIN
if (select count(*) from footprints where footprint_name = _footprint_name) = 0 then
insert into footprints (footprint_name) values (_footprint_name);
end if;
select id from footprints where footprint_name = _footprint_name;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure getHostToLogInTo
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`%` PROCEDURE `getHostToLogInTo`(in _footprint_id int)
BEGIN
select
hd.id as 'host_data_id', hd.ip_address, dc.id as 'domain_creds_id', dc.domain_name, dc.username, dc.cleartext_password
from
host_data hd
join domain_creds dc on hd.footprint_id = dc.footprint_id
join ports p on hd.id = p.host_data_id
where
hd.footprint_id = _footprint_id and
p.port_num = 445 and
hd.id not in (select host_data_id from cred_host_map where host_data_id = hd.id and domain_creds_id = dc.id) and
dc.cleartext_password != ""
limit
1;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure getVulnerableToMS08067
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`%` PROCEDURE `getVulnerableToMS08067`(in _footprint_id int)
BEGIN
select
hd.ip_address, p.id, p.port_num
from
host_data hd
join ports p on hd.id = p.host_data_id
where
hd.footprint_id = _footprint_id and
p.shell = 1 and
p.port_num = 445 and
p.exploited = '1900-01-01 00:00:00'
order by exploited asc limit 1;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure getVulnerableWeakSqlCreds
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`%` PROCEDURE `getVulnerableWeakSqlCreds`(in _footprint_id int)
BEGIN
select
hd.ip_address, p.id, p.port_num, p.notes
from
host_data hd
join ports p on hd.id = p.host_data_id
where
hd.footprint_id = _footprint_id and
p.shell = 1 and
p.port_num = 1433 and
p.exploited = '1900-01-01 00:00:00'
order by exploited asc limit 1;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure getVulnerableWeakTomcatCreds
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`%` PROCEDURE `getVulnerableWeakTomcatCreds`(in _footprint_id int)
BEGIN
select
hd.ip_address, p.id, p.port_num, p.notes
from
host_data hd
join ports p on hd.id = p.host_data_id
where
hd.footprint_id = _footprint_id and
p.shell = 1 and
p.exploited = '1900-01-01 00:00:00' and
p.vulnerability_name = 'Weak Tomcat Creds'
order by exploited asc limit 1;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure report_pendingFootprinting
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`localhost` PROCEDURE `report_pendingFootprinting`(in _footprint_id int)
BEGIN
select "Pending Range DNS Lookups" as label, (select count(*) from ranges where footprint_id = _footprint_id and dns_lookups_done = 0) as val
union select "Pending Range Port Scans", (select count(*) from ranges where footprint_id = _footprint_id and port_scans_done = 0)
union select "Pending Host DNS Lookups", (select count(*) from host_data where footprint_id = _footprint_id and dns_lookup_done = 0)
union select "Pending Host Port Scans", (select count(*) from host_data where footprint_id = _footprint_id and port_scan_done = 0)
union select "Pending HTML Title Checks", (select count(*) from host_data h join ports p on h.id = p.host_data_id where p.port_num in (80,443,8080,8081,8082,8083,8084,8085,8086,8087,8088,8089,8090,9090,9091,9092,9093,9094,9095,9096,9097,9098,9099) and h.footprint_id = _footprint_id and p.http_title_checked = 0);
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure report_pendingVulnScanning
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`localhost` PROCEDURE `report_pendingVulnScanning`(in _footprint_id int)
BEGIN
select
p.port_num,
count(p.port_num)
from
host_data hd
join ports p on hd.id = p.host_data_id
where
hd.footprint_id = _footprint_id
and vuln_checked = 0
group by
p.port_num;
END$$
DELIMITER ;
-- -----------------------------------------------------
-- procedure updatePortVulnerability
-- -----------------------------------------------------
DELIMITER $$
USE `autodane`$$
CREATE DEFINER=`root`@`localhost` PROCEDURE `updatePortVulnerability`(in _footprint_id int, in _ip_address varchar(45), in _port_num int, in _vuln_checked bit, in _vulnerable bit, in _shell bit, in _notes varchar(100), in _vulnerability_name varchar(45))
BEGIN
update
ports
set
vuln_checked = _vuln_checked,
vulnerable = _vulnerable,
shell = _shell,
notes = _notes,
vulnerability_name = _vulnerability_name
where
port_num = _port_num and
host_data_id = (select id from host_data where ip_address = _ip_address and footprint_id = _footprint_id limit 1);
END$$
DELIMITER ;
SET SQL_MODE=@OLD_SQL_MODE;
SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;