Penetration Testing mailing list archives

Re: Injected, whats next


From: Jon Hart <jhart () spoofed org>
Date: Thu, 17 Aug 2006 10:54:54 -0700

On Thu, Aug 17, 2006 at 05:41:06PM +0400, DokFLeed wrote:
> I am testing a web application, I can run UPDATE & SELECT.
> Does anyone know a way to upload a file to a server through MySQL?
> Does it allow running system commands or a way to dump a file from the
> database to the server?
> It's LAMP: Linux, Apache, MySQL, PHP.
> Any ideas?

Use 'into outfile'.  You'll be limited by DB and filesystem permissions,
though.

   select 'foobar' into outfile '/tmp/blahfoo';

-jon
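
A defender-side check for the statement above, as an added example that is not part of the original post: it scans logged SQL statements for `INTO OUTFILE` clauses (generalised to also cover `INTO DUMPFILE`) and flags writes outside an approved export directory. The directory, the function names and the sample statements are assumptions constructed for illustration.

```python
import posixpath
import re

# Assumption: the one directory scheduled exports may write to
# (for instance, the value the server has in secure_file_priv).
ALLOWED_EXPORT_DIR = "/var/lib/mysql-files/"

# SELECT ... INTO OUTFILE|DUMPFILE '<path>'; MySQL accepts ' or " quotes.
_FILE_WRITE = re.compile(
    r"""\bINTO\s+(OUTFILE|DUMPFILE)\s+(['"])(.*?)\2""",
    re.IGNORECASE | re.DOTALL,
)
_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)


def find_file_writes(statement):
    """Return (keyword, normalised_path, allowed) for each file-write clause."""
    cleaned = _COMMENT.sub(" ", statement)  # comments count as whitespace
    hits = []
    for match in _FILE_WRITE.finditer(cleaned):
        path = posixpath.normpath(match.group(3))  # collapse ../ segments
        hits.append((match.group(1).upper(), path,
                     path.startswith(ALLOWED_EXPORT_DIR)))
    return hits


def scan(statements):
    """Return (statement_index, keyword, path) for writes outside the allowed dir."""
    alerts = []
    for index, statement in enumerate(statements):
        for keyword, path, allowed in find_file_writes(statement):
            if not allowed:
                alerts.append((index, keyword, path))
    return alerts


# Constructed sample statements, as they might appear in a query log.
SAMPLE_LOG = [
    "SELECT name FROM users WHERE id = 7",
    "select 'foobar' into outfile '/tmp/blahfoo';",
    "SELECT id, total FROM orders /* nightly export */ "
    "INTO OUTFILE '/var/lib/mysql-files/orders.csv'",
    'SELECT note FROM t INTO DUMPFILE "/var/lib/mysql-files/../../tmp/x"',
]

if __name__ == "__main__":
    for index, keyword, path in scan(SAMPLE_LOG):
        print(f"statement {index}: INTO {keyword} writes to {path}")
```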
