DBPwAudit – Database Password Auditing Tool

Your website & network are Hackable

DBPwAudit is a Java database password auditing tool that allows you to perform online audits of password quality for several database engines. The application design allows for easy adding of additional database drivers by simply copying new JDBC drivers to the jdbc directory.

DBPwAudit - Database Password Auditing Tool

Configuration is performed in two files, the aliases.conf file is used to map drivers to aliases and the rules.conf tells the application how to handle error messages from the scan.


The tool has been tested and known to work with:

– Microsoft SQL Server 2000/2005
– Oracle 8/9/10/11
– IBM DB2 Universal Database


The tool is pre-configured for these drivers but does not ship with them, due to licensing issues. The links below can be used to find some of the drivers. They should all be copied to the jdbc directory.

Links to JDBC Drivers:

Microsoft SQL Server 2005
Microsoft SQL Server 2000


Scan the SQL server (-s, using the specified database (-d testdb) and driver (-D MySQL) using the root username (-U root) and password dictionary (-P /usr/share/wordlists/nmap.lst):

You can download DBPwAudit here:


Or read more here.

Posted in: Database Hacking, Hacking Tools, Password Cracking

, , , , , , , ,

Recent in Database Hacking:
- BBQSQL – Blind SQL Injection Framework
- DBPwAudit – Database Password Auditing Tool
- VTech Hack – Over 7 Million Records Leaked (Children & Parents)

Related Posts:

Most Read in Database Hacking:
- Pangolin – Automatic SQL Injection Tool - 77,403 views
- bsqlbf 1.1 – Blind SQL Injection Tool - 54,563 views
- SQLBrute – SQL Injection Brute Force Tool - 41,611 views

No comments yet.

Leave a Reply