Penetration Testing mailing list archives
Re: Abusing? MySQL 3.23.28-gamma
From: "rudi carell" <rudicarell () hotmail com>
Date: Tue, 25 Sep 2001 08:40:17
hola,
This should work on most systems. If it does not work, you should try to find a more privileged user-account.
1) Create a new table "name" with one huge character or text field;
2) Insert your favourite string .. INSERT INTO name VALUES("whatever you want");
3) Select above into file .. SELECT * FROM name INTO OUTFILE '/dir/file.ext';
If you have a web-server running on the same machine it should be possible to create a server-side script (asp, php, ssi oO.) for your intention.
If this specific account is not allowed to use "INTO OUTFILE" try to escalate the privs.
rc
security () freefly com
http://www.freefly.com/security/
> Hi everybody. I need to demonstrate not only the capability to drop databases and
> modify data, but to execute system commands and/or get files not accessible
> via web-server.
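On the defensive side, file writes like the one in step 3 show up in the MySQL query log. The following is an added example, not part of the original post: it scans constructed log lines for INTO OUTFILE (and the related INTO DUMPFILE) and rates each target path. The log line layout, the web root paths and the file suffixes are assumptions made for the example.

```python
import re

# Matches ... INTO OUTFILE/DUMPFILE '<path>' anywhere in a logged statement.
OUTFILE_RE = re.compile(
    r"\bINTO\s+(OUTFILE|DUMPFILE)\s+(['\"])(?P<path>.+?)\2", re.IGNORECASE)

# asp/php/ssi are named in the post; the concrete suffixes are assumptions.
SCRIPT_EXTS = (".php", ".asp", ".shtml")
# Hypothetical document roots for the monitored host (assumption).
WEB_ROOTS = ("/var/www/", "/usr/local/apache/htdocs/")


def classify(path):
    """Rate how concerning a database-written file path is."""
    p = path.lower()
    if p.endswith(SCRIPT_EXTS):
        return "high"    # server-side script written by the database
    if p.startswith(WEB_ROOTS):
        return "medium"  # file placed where the web server can serve it
    return "low"         # export elsewhere; still worth a review


def scan(lines):
    """Return (line_number, severity, path) for every file-writing statement."""
    findings = []
    for n, line in enumerate(lines, 1):
        m = OUTFILE_RE.search(line)
        if m:
            findings.append((n, classify(m.group("path")), m.group("path")))
    return findings


# Constructed sample lines, loosely shaped like a general query log.
SAMPLE_LOG = [
    "3 Query\tINSERT INTO name VALUES(\"whatever you want\")",
    "3 Query\tSELECT * FROM name INTO OUTFILE '/dir/file.ext'",
    "4 Query\tSELECT * FROM name INTO OUTFILE '/var/www/html/x.php'",
    "5 Query\tselect body from name into dumpfile '/var/www/html/notes.txt'",
    "6 Query\tSELECT COUNT(*) FROM orders",
]

if __name__ == "__main__":
    for lineno, severity, path in scan(SAMPLE_LOG):
        print(f"line {lineno}: {severity:6} {path}")
```

Accounts that trigger findings are the ones holding the FILE privilege, so the same list tells you where to revoke it.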
Current thread:
- Abusing? MySQL 3.23.28-gamma Arturo "Buanzo" Busleiman (Sep 24)
- <Possible follow-ups>
- Re: Abusing? MySQL 3.23.28-gamma rudi carell (Sep 25)