SOME PENTISTING ROCK I HIT

[chuksjonia at gmail.com (chuks Jonia)]

 Hi guys. This is my first post. Hope u will help.

I'm doing a pentest, i did a first one for the same company before and
it was so successful, whereby the servers am testing are hosted in a
data center away from the office of the clients. I helped them patch
and to know where the holes are, then later they did an upgrade of all
machines, and the holes were covered, i'm here again starting from
scratch. They did manage to close most of the holes, but the trust
relationships between office machines, the carecenter machines and the
Data centre is overwhelming. I have been able to compromise the office
server and some machines inside the LAN and i managed to get hold of
the main box at the Data Centre, where the webserver is. The
datacenter has five servers on public i.p but can only be reached by
the trusted machines except for the public webserver. There are
machines in the same datacenter that are connected using vlans behind
the firewall.

Now, the next machine i have compromised is a Database Server and i
need to upload a web shell to a host on a different I.P.

In Mysql, is there a way i can do it, if in localhost its possible,
coz on the public webserver i was able since it has port 3306 open.

What path should i use?

Should i take it down like this, SELECT * INTO OUTFILE
'/data/mysql/xxx.xxx.xxx.xxx/var/www/html/TranscationApps/shell.php'
from chuks;


???

Though whenever i try i get an error

ERROR 1 (HY000): Can't create/write to file
'/data/mysql/xxx.xxx.xxx.xxx/var/www/html/TranscationApps/shell.php'
(Errcode: 2)



Where am i going wrong? Please give me some ideas.

I have another problem too, but i hope someone gets me some ideas on this first.

Thanks in Advance

/Chuks