Penetration Testing mailing list archives

Injected, whats next

From: "DokFLeed" <dokfleed () dokfleed net>
Date: Thu, 17 Aug 2006 17:41:06 +0400

I am testing a web application, I can run  UPDATE & SELECT
Does anyone know a way to upload a file to a server through MySQL !

does it allow running system commands or a way to dump a file from thedatabase to the server?

its  LAMP , Linux, Apache, MySQL, PHP
any ideas!!

Dok

smoke dope, eat soap, fly home in a bubble


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------

Current thread:

SQL injection (or not?) rr (Aug 08)
- Re: SQL injection (or not?) Mike Klingler (Aug 08)
- Re: SQL injection (or not?) A. Ramos (Aug 09)
- <Possible follow-ups>
- RE: SQL injection (or not?) Isidro Ramon Labrador Rodriguez (Aug 09)
  - RE: SQL injection (or not?) Tonnerre Lombard (Aug 09)
  - Re: SQL injection (or not?) DokFLeed (Aug 09)
    - Injected, whats next DokFLeed (Aug 17)
    - Re: Injected, whats next Jon Hart (Aug 18)
    - RE: Injected, whats next Clemens, Dan (Aug 18)
    - Re: Injected, whats next Serg B. (Aug 18)
    - Message not available
    - Re: Injected, whats next Serg B. (Aug 18)
    - Re: Injected, whats next Brendan Dolan-Gavitt (Aug 18)
    - Re: Injected, whats next DokFLeed (Aug 18)
- Re: SQL injection (or not?) rr (Aug 10)
- RE: SQL injection (or not?) C, Muruganandam (Aug 14)