Using the SQL TAS v4




Authenticating to the server

Consider this MySQL database running on 10.77.0.5 (standard port 3306) with username root and password mypassword.

    mysql> use BAKERY;
    Database changed
    mysql> show tables;
    +------------------+
    | Tables_in_BAKERY |
    +------------------+
    | agents           |
    | cookies          |
    | words            |
    +------------------+

There are three ways to authenticate to the remote SQL server:

- Supply username and password in the Maltego client
- Store the credentials on the server
- Store the entire connection string on the server

Via the Maltego client

After transform discovery the transform manager will look something like this:

Select all the transforms and set the Auth Type to "here" and enter all the optional input parameters (host, port, username and password):

The Maltego TAS will use the provided credentials when connecting to the server.

Server stored credentials

Another option is to keep the username and the password on the server. This is useful when you don't want to expose the username and password to the end user. To use this, set the Auth Type to "server". The SQL username and SQL password fields are now disregarded.

On the server create a file called HOST.DATABASE.TYPE.txt. Do not be concerned about the format and the location of this file; the server will tell you what the name should be, and where it is expecting it:

Note that the error message also includes the path to the file; in our case it is located at /usr/local/apache-tomcat-6.0.16/webapps/. The file is named in such a way that multiple databases can be configured on the same IP. For the above case the credentials should thus be stored as follows:

    $ pwd
    /usr/local/apache-tomcat-6.0.16/webapps
    $ cat 10.77.0.5.BAKERY.mysql.txt
    root mypassword
    $

Remember that this file resides on the SERVER and that it should be secured if the server can be accessed by remote users.
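One way to check that these files are locked down, as an added example rather than anything shipped with the TAS: it flags credential files (named HOST.DATABASE.TYPE.txt) and connection-string files (first line starts with jdbc:, described in the next section) that group or other users can access. The function names and the owner-only policy are assumptions of this example.

```python
import os
import re
import stat

# HOST.DATABASE.TYPE.txt, e.g. 10.77.0.5.BAKERY.mysql.txt (HOST may contain dots).
# Any other .txt file with three or more dots in its name is matched as well.
CRED_NAME = re.compile(r"^.+\.[^.]+\.[^.]+\.txt$")

def classify(path):
    """Return 'credentials', 'connection string' or None for a .txt file."""
    try:
        with open(path, errors="replace") as fh:
            first_line = fh.readline().strip()
    except OSError:
        first_line = ""          # unreadable to us: fall back to the name
    if first_line.startswith("jdbc:"):
        return "connection string"
    return "credentials" if CRED_NAME.match(os.path.basename(path)) else None

def audit(directory):
    """List (file, kind, problem) for secret files others could read or change."""
    findings = []
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if not name.endswith(".txt") or not os.path.isfile(path):
            continue
        kind = classify(path)
        if kind is None:
            continue
        st = os.lstat(path)
        mode = stat.S_IMODE(st.st_mode)
        if stat.S_ISLNK(st.st_mode):
            findings.append((name, kind, "symlink, check its target"))
        elif mode & 0o077:       # any group or other permission bit is set
            findings.append((name, kind, "mode %04o lets group/other access it" % mode))
    return findings

if __name__ == "__main__":
    # Directory taken from the page's example; adjust to your deployment.
    for finding in audit("/usr/local/apache-tomcat-6.0.16/webapps"):
        print(*finding, sep=": ")
```

Run it as the account that owns the Tomcat installation; a file it reports should be changed to owner-only access (for example mode 0600).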

Server stored connection string

For more exotic configurations you might want to be able to set the complete connection string. This is possible. Set the Auth Type to "cs":

When the Auth Type is set to "cs" the SQL database/cs field holds the name of a file (residing on the server) that should contain the connection string. In this example the server will look for a file called MyConnectionString.txt. Note that .txt is appended to the field name. The error message will help to locate this file:

Connection strings are on a single line. Here is an example:

    $ pwd
    /usr/local/apache-tomcat-6.0.16/webapps
    $ cat MyConnectionString.txt
    jdbc:mysql://10.77.0.5:3306/bakery?user=root&password=mypassword
    $

JDBC connection strings should be used. Remember that this file resides on the SERVER and that it should be secured if the server can be accessed by remote users. There are many samples of JDBC connection strings available on the Internet. Here are a few taken from http://www.herongyang.com/jdbc/summary-connection-url.html:

Apache Derby Network Client JDBC Driver

Connection URL Formats:

    jdbc:derby://host/database

Connection URL Examples:

    jdbc:derby://localhost/testdb

JDBC-ODBC Bridge

Connection URL Formats:

    jdbc:odbc:dsn[;user=xxx][;password=xxx]

Connection URL Examples:

    jdbc:odbc:hy_flat
    jdbc:odbc:hy_access
    jdbc:odbc:sql_server;user=sa;password=herongyang

MySQL Connector

Connection URL Formats:

    jdbc:mysql://[host][:port]/[database][?p1=v1]...

Connection URL Examples:

    jdbc:mysql://localhost:3306/herongdb?user=herong&password=secret
    jdbc:mysql://:3306/herongdb?user=herong&password=topsecret
    jdbc:mysql://localhost/herongdb?user=herong&password=topsecret
    jdbc:mysql://localhost:3306/?user=herong&password=topsecret
    jdbc:mysql://localhost/?user=herong&password=topsecret
    jdbc:mysql://:3306/?user=herong&password=topsecret
    jdbc:mysql:///herongdb?user=herong&password=topsecret
    jdbc:mysql:///?user=herong&password=topsecret

Oracle JDBC Thin client-side driver

Connection URL Formats:

    jdbc:oracle:thin:[user/password]@[host][:port]:sid
    jdbc:oracle:thin:[user/password]@//[host][:port]/sid

Connection URL Examples:

    jdbc:oracle:thin:herong/topsecret@localhost:1521:xe
    jdbc:oracle:thin:herong/topsecret@:1521:xe
    jdbc:oracle:thin:herong/topsecret@//localhost:1521/xe
    jdbc:oracle:thin:herong/topsecret@//:1521/xe
    jdbc:oracle:thin:herong/topsecret@//localhost/xe
    jdbc:oracle:thin:herong/topsecret@///xe

Microsoft JDBC Driver

Connection URL Formats:

    jdbc:sqlserver://host[:port];user=xxx;password=xxx[;p=v]

Connection URL Examples:

    jdbc:sqlserver://localhost;user=sa;password=herong
    jdbc:sqlserver://localhost:1269;user=sa;password=herong
    jdbc:sqlserver://localhost;user=sa;password=herong;database=mydb

Entity mapping

Let's go back to the database and look at some of the table definitions:

    mysql> describe cookies;
    +--------------+--------------+------+-----+---------+-------+
    | Field        | Type         | Null | Key | Default | Extra |
    +--------------+--------------+------+-----+---------+-------+
    | cookie       | varchar(256) | NO   | PRI |         |       |
    | agent        | varchar(256) | YES  |     | NULL    |       |
    | IP           | varchar(16)  | YES  |     | NULL    |       |
    | last_update  | varchar(256) | YES  |     | NULL    |       |
    | update_count | smallint(6)  | YES  |     | NULL    |       |
    +--------------+--------------+------+-----+---------+-------+

We want to create a transform that will use a given phrase and search for it in the agent column, returning the IP numbers that match that agent. The SQL query for this would be:

    select IP from cookies where agent like '%[our input here]%'

Maltego has a placeholder / token for the entity's input field, $$input$$, and as such the query becomes:

    select IP from cookies where agent like '%$$input$$%'

As a start, we select the transform that uses Phrase as input and edit the SQL statement:

Next we have to decide what the output type will be (the default is that all output types are mapped to Phrase Entities). We want IP addresses, so we'll change the SQL to entity mapping to read:

    IPAddressEntity

The final task is to edit the name of the transform. This can be done by double clicking on the name (GenericSQL1) and editing it:

Notice that the output type still reads Phrase; this will not change. Click on Save to save the transforms. Now we are ready to use the transform. Drag a phrase entity from the palette to the main graph and edit it to something useful, then right click on it and the newly created SQL transform will appear:

The results are as expected, showing the first 12 IP addresses with Firefox in the user agent:

Labels

At this stage we would like to see the actual user agent used; we'd like to see it as a display label of each entity. To do this we need to change the SQL query to also return the user agent, and we need to tell Maltego to display it. The SQL query is changed to:

    select IP,agent from cookies where agent like '%$$input$$%'

and the mapping is changed to:

    IPAddressEntity{Full User Agent}

The curly brackets {} are used to tell the server that the second column from the SQL query has to be matched to a label within the IPAddressEntity called "Full User Agent". With the query and mapping changed the output looks as follows:

What if we wanted the user agents as separate entities? The SQL query would stay the same, but the mapping will change to:

    IPAddressEntity,PhraseEntity

Now the resultant graph looks like this:

The result is two types of entities: IPAddresses and Phrases. Any combination of entity and label can be used given that the number of columns in the query matches the number of mapping elements.
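The column-to-mapping rule above, worked through as an added example (not the TAS's own parser): each mapping element consumes one result column, in order, and a mismatch in count is rejected. It also accepts the [n] parameter form that the Parameters section introduces; the function names and the dictionary layout are assumptions of this sketch.

```python
import re

# One mapping element: an entity type, a {label name} or a [parameter number].
ELEMENT = re.compile(r"\s*(?:,\s*)?(?:(\w+)|\{([^}]*)\}|\[([1-3])\])")

def parse_mapping(mapping):
    """Split a mapping string into one (kind, name) element per SQL column."""
    elements, pos = [], 0
    while pos < len(mapping.rstrip()):
        m = ELEMENT.match(mapping, pos)
        if not m:
            raise ValueError(f"bad mapping at offset {pos}: {mapping[pos:]!r}")
        entity, label, param = m.groups()
        if entity:
            elements.append(("entity", entity))
        elif not elements:
            raise ValueError("a label or parameter must follow an entity")
        elif label is not None:
            elements.append(("label", label))
        else:
            elements.append(("param", int(param)))
        pos = m.end()
    return elements

def map_row(mapping, row):
    """Turn one result row into entity dicts, as the mapping describes."""
    elements = parse_mapping(mapping)
    if len(elements) != len(row):
        raise ValueError(f"{len(row)} columns but {len(elements)} mapping elements")
    entities = []
    for (kind, name), value in zip(elements, row):
        if kind == "entity":
            entities.append({"type": name, "value": value, "labels": {}, "params": {}})
        elif kind == "label":
            entities[-1]["labels"][name] = value   # attaches to the entity before it
        else:
            entities[-1]["params"][name] = value   # generic parameter 1..3
    return entities

if __name__ == "__main__":
    # Constructed sample row: IP, agent, update_count
    sample = ("192.0.2.10", "Mozilla/5.0 Firefox/3.0", 3)
    print(map_row("IPAddressEntity{Full User Agent}[1]", sample))
    print(map_row("IPAddressEntity,PhraseEntity", sample[:2]))
```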

Parameters

The last step is to read and write to the entity itself using parameters. There are 3 generic parameters that can be set on any entity. Let's assume we want to create IP address entities with the update_count field as a parameter and the user agent as a label. The SQL query looks like this:

    select IP,agent,update_count from cookies where agent like '%$$input$$%'

The mapping looks like this:

    IPAddressEntity{Full User Agent}[1]

The square brackets [] tell the client that it should take the third column of the SQL query and store it in a generic parameter; it will store it in parameter 1 because it reads as [1]. In the GUI these appear as SQL-A1 to SQL-A3. To read these parameters we can use $$1$$ to $$3$$. As an example, assume we want to create a transform that will take (the newly created) IP addresses as input, read the first additional generic parameter and see what matching user agents were found. We use the transform that matches on IPAddress as input type and edit the SQL query to read:

    Select agent from cookies where update_count= $$1$$

Our mapping is simply a phrase that contains the name of the user agent:

    PhraseEntity

After running this transform we get the following results:

Special fields

The following additional macros are available to use within SQL queries.

Date & time

These are set to the date and time of the server:

- $$year$$: current year, e.g. 2008
- $$month$$: current month, padded to two digits, e.g. 02 or 11
- $$day$$: current day, padded to two digits, e.g. 09 or 22
- $$hour12$$: current hour in 12 hour format, padded to two digits, e.g. 05 or 11
- $$hour24$$: current hour in 24 hour format, padded to two digits, e.g. 04 or 23
- $$ampm$$: used with hour12, indicates if am or pm; values are AM or PM
- $$minute$$: current minute, padded to two digits, e.g. 00 or 43
- $$second$$: current second, padded to two digits, e.g. 04 or 55
- $$doy$$: day of the year, padded to three digits, e.g. 004, 093 or 321
- $$woy$$: week of the year, padded to two digits, e.g. 05 or 39
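The page does not say how the server expands $$input$$, $$1$$ to $$3$$ and the date macros before the statement runs, so entity values are best treated as untrusted text. This added example (not the TAS's own code) shows one safe expansion: every token becomes a bound parameter, run here against a constructed SQLite copy of the cookies table. The names compile_query, run and demo_db are hypothetical, and %W for $$woy$$ is an assumption.

```python
import re
import sqlite3
import time

TOKEN = re.compile(r"\$\$(\w+)\$\$")
# A quoted SQL literal, or a bare $$token$$ outside quotes.
PIECE = re.compile(r"'((?:[^']|'')*)'|\$\$(\w+)\$\$")
# strftime codes for the date and time macros (%W for $$woy$$ is an assumption).
CLOCK = {"year": "%Y", "month": "%m", "day": "%d", "hour12": "%I",
         "hour24": "%H", "ampm": "%p", "minute": "%M", "second": "%S",
         "doy": "%j", "woy": "%W"}

def compile_query(template, entity_value, params=(), now=None):
    """Return (sql, binds) with every $$token$$ replaced by a '?' placeholder."""
    values = {k: time.strftime(f, now or time.localtime()) for k, f in CLOCK.items()}
    values["input"] = entity_value
    values.update({str(i): v for i, v in enumerate(params, start=1)})
    binds = []

    def replace(m):
        literal, bare = m.groups()
        if bare is not None:                 # e.g. update_count= $$1$$
            binds.append(str(values[bare]))  # KeyError on an unknown token
        elif TOKEN.search(literal):          # e.g. '%$$input$$%'
            text = literal.replace("''", "'")
            binds.append(TOKEN.sub(lambda t: str(values[t.group(1)]), text))
        else:
            return m.group(0)                # ordinary literal, keep as written
        return "?"

    return PIECE.sub(replace, template), binds

def demo_db():
    """Constructed sample rows shaped like the page's cookies table."""
    db = sqlite3.connect(":memory:")
    db.execute("create table cookies (cookie varchar(256) primary key, "
               "agent varchar(256), IP varchar(16), update_count smallint)")
    db.executemany("insert into cookies values (?, ?, ?, ?)", [
        ("c1", "Mozilla/5.0 Firefox/3.0", "192.0.2.10", 3),
        ("c2", "Opera/9.5", "192.0.2.11", 7)])
    return db

def run(db, template, entity_value, params=()):
    """Compile the template, execute it, return the first column of each row."""
    sql, binds = compile_query(template, entity_value, params)
    return [row[0] for row in db.execute(sql, binds)]
```

A quote in the entity value stays data because it never reaches the SQL text; the characters % and _ inside a bound value still act as LIKE wildcards.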

CheatSheet