5/15/2024 0 Comments Ssh tunnel putty couchdb![]() CouchDB comes with a standard HTTP-based API, which allows interacting with the database by means of HTTP requests. The document store, or BBRF server, is a central document-oriented database running on CouchDB. To achieve the desired functionality, BBRF was designed as two separate components: the BBRF server, in the form of a central document store, and the BBRF client in the form of a Python script. In particular, I was longing to be able to run commands like: bbrf domains and bbrf ips to list my data, and sublist3r.py | bbrf domain add - to store my results. To overcome this problem in an attempt to be more structured, I started implementing bbrf, which in the first place had to be a command-line tool allowing me to easily list all domains and IPs belonging to a project, and to store domains and IPs for later use. In other words, I would use tools for their specific purpose, interpret and use the output manually, and move on to the next one. In particular, managing the output of different tools and combining them to enrich each other was cumbersome enough that I kept on using tools on an ad-hoc basis. My biggest struggle when working with this growing variety of tools was always: being organized. ffuf) or successfully combine a lot of submodules into one big framework (e.g. massdns), try to be amazing all-rounders (e.g. Whereas five years ago, subdomain bruteforcing with fierce was all the recon I could muster, the community today has access to an abundance of very good tools that either specialize in very specific tasks (e.g. When it comes to reconnaissance, or “recon”, in bug bounty hunting, it is clear that there is a lot of tooling available. If you’ve stumbled on this article looking to get started with BBRF immediately, head over to the GitHub repo right away! If you’re interested to learn more about what it is (and what it ain’t), feel free to continue reading below. In this article, I want to introduce the solution I have designed to address some of those headaches, hoping that it may prove useful to you in some way. Like anyone involved in bug bounty hunting, I have encountered a number of challenges in organizing my reconnaissance data over the years. This user has a different password than the default read/write user which can also be found in your ~/.my.An example use case of bbrf, here integrating with subfinder from projectdiscovery. We provide you with a separate user suffixed with _ro (“read-only”) which you can use in these cases. ![]() There are use cases for a read-only user as well, especially from a security perspective. While most applications based on MySQL databases support exactly one database user (and expect it to have write permissions), ,:-_).īut we only enforce the following rules, if you want to set your own: It consists of 20 random characters, containing a mix of upper and lowercase ASCII letters, the numbers 0-9 and punctuation (. ![]() We generate a passwords for you on user creation. That way, MariaDB command-line tools are still able to automatically log you in. It is very important to put the new password into your ~/.my.cnf file with a text editor of your choice. Take a look into that file or execute my_print_defaults client to show it, like that: We’ve created a strong one and put it into the file ~/.my.cnf which is used by the MariaDB command-line tools to automatically log you in. Your MySQL password differs from any other password. Login credentials ¶Īpplications based on MySQL databases will ask you for a username, a password, a database name and possibly a host/port. You can manage your databases via phpMyAdmin or adminer. Our default setup provides you with a database and a user named like your Uberspace, but you can create additional databases later. To avoid confusion, MariaDB uses the same command names you already know, like mysql, mysqldump etc. If you’re already used to use MySQL, you can lean back calmly: We’re providing MariaDB 10.6 as a MySQL-compatible database server.
0 Comments
Leave a Reply. |