Carnivore - Predator
Formerly known as THC HackSuite, Carnivore - Predator stands at the forefront of cutting-edge cybersecurity tools, redefining the landscape of penetration testing with unparalleled innovation. Designed to empower ethical hackers, security professionals, and enthusiasts alike, Carnivore - Predator is the ultimate Pentest CMS that puts you in command.
current version: 0.7.0 - PREDATOR
home > documentation > modules > How to use THC Database Brute
This article explains how to effectively make use of THC Database Brute.
author: Remco Kouw
created: 30-Apr-2024
updated: 30-Apr-2024

THC Database Brute Introduction

This documentation provides an overview of the THC Database Brute (thc_db) module functionality.

The THC Database Brute module is designed to perform brute-force attacks on various databases and extract their contents.

Interface Parameters:

  1. Location SQL Server: IP address of the SQL server.
  2. Username: Username to be targeted.
  3. Database Dump: Attempts to dump the database and its tables upon successful password cracking.
  4. Wordlist: Dropdown menu containing wordlists from the Wordlists folder.
  5. Database: Dropdown menu listing the databases supported by this module.

ModGlue Variables:

  1. $_CONTEXT['thc_db']['connectfile']: (string) Absolute path to the database connection file.
  2. $_CONTEXT['thc_db']['log']: (string) Absolute path to the log file storing correct passwords.
  3. $_CONTEXT['thc_db']['results']['result']: (boolean) True if the password was successfully guessed, false otherwise.
  4. $_CONTEXT['thc_db']['results']['password']: (string) Correct password if the result is true.
  5. $_CONTEXT['thc_db']['results']['dump']: (array) Dump of the database and its tables.
  6. $_CONTEXT['thc_db']['dbname_required']: (array) List of required database types.
  7. $_CONTEXT['thc_db']['supported']: (array) List of supported database types.
  8. $_CONTEXT['thc_db']['database']: (string) Selected database type.
  9. $_CONTEXT['thc_db']['keys']: (array) Properties of each cracked password (applies to the View Passes case).
  10. $_CONTEXT['thc_db']['wordlistname']: (string) Absolute path to the wordlist file in the Wordlists folder.
  11. $_CONTEXT['thc_db']['wordlist']: (array) Passwords from the selected wordlist.
  12. $_CONTEXT['thc_db']['loginattempts']: (int) Number of passwords attempted.
  13. $_CONTEXT['thc_db']['wordlistwords']: (int) Number of passwords in the selected wordlist.
  14. $_CONTEXT['thc_db']['currentpass']: (string) Current password being tested.
  15. $_CONTEXT['thc_db']['totaltime']: (int) Total session duration.
  16. $_CONTEXT['thc_db']['resultstring']: (string) Summary of the session results.

Resource Settings:

  • Time Limit: PHP default.
  • Memory Limit: PHP default.

Expanding THC Database Brute:

You can expand THC Database Brute's functionality by adding new databases in the connect.php file located in the module's root folder. Use the same naming convention as existing methods (e.g., ConnectDatabaseName) to ensure compatibility with Carnivore.

Dependencies:

N/A

Known Issues:

This module uses dictionary attacks for brute-forcing, which can be resource-intensive. If you encounter time limit or memory issues, consider adjusting the module's settings.

How to use AntiZip || How to use HTTPAuth
similar content
How to use AntiFTPHow to use THC AntiHashHow to use AntiLoginHow to use AntiMailHow to use AntiZipHow to use HTTPAuthHow to use THC xSNMPHow to use THC xSSH
Created by Remco Kouw: 2008-2024