From the course: Ethical Hacking: SQL Injection
Join today to access over 24,600 courses taught by industry experts.
Cracking the MySQL hash
From the course: Ethical Hacking: SQL Injection
Cracking the MySQL hash
- Often our objective when doing an SQL injection is to obtain credentials. And just as often, the password is likely to be hashed. It's useful, therefore, to be able to crack hashes we find in SQL systems. When we create a user in SQL, we've already seen the form of hash we get. Let's look at Marcus again. We'll use my SQL. And we'll select user comma password from user. Now let's select this hash and try to crack it in crack station. I'll paste it in. I'll confirm that I'm a real person, and crack the hash. And crack station recognizes that this is my SQL hash and it's easily cranked. I've got to file with another hash that we might find in an SQL database. Cat Hash MD five. And we can see this looks different. It starts with dollar signs. I'll copy this. I'll paste it into crank station again. I'm not a robot and I'll crack it, but it's an unrecognized hash format. Let's take a look…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.