Penetration Testing mailing list archives
Re: MySQL compromise
From: "Gleb Paharenko" <gpaharenko () gmail com>
Date: Tue, 8 Jan 2008 19:56:50 +0200
Hi.

Though I have never done this or searched on Google whether it is possible, theoretically you can use SELECT INTO OUTFILE to create a file with custom contents. Combine it with user-defined functions and perhaps you will be able to execute any binary code under the mysql uid.

See:
http://dev.mysql.com/doc/refman/4.1/en/adding-functions.html
http://dev.mysql.com/doc/refman/4.1/en/select.html

2008/1/4, Clone <c70n3 () yahoo co in>:
> Hello guys,
>
> I'm doing a pen-test. I have compromised a remote mysql server ver 4.x doing password cracking. Is there anything I can do like xp_cmdshell in MSSQL to run OS or network commands? Is there a way to compromise their internal network from here?
>
> Clone
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
> Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today!
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
--
Best regards.
Gleb Pakharenko.
http://gpaharenko.livejournal.com
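Added example, not part of the original post: a defender-side audit for the two preconditions the reply names (file writes via `SELECT ... INTO OUTFILE` and registration of user-defined functions). It assumes the auditor can read the `mysql` system tables; `secure_file_priv` and `plugin_dir` exist only in MySQL releases newer than the 4.x server discussed in the thread.

```sql
-- Audit queries (added example; run as an account that can read the mysql schema).

-- 1. Accounts holding the global FILE privilege, which SELECT ... INTO OUTFILE requires.
SELECT User, Host
FROM mysql.user
WHERE File_priv = 'Y';

-- 2. Accounts able to INSERT into the mysql database, globally or through a
--    database-level grant. CREATE FUNCTION ... SONAME requires this privilege.
--    'mysql' LIKE Db also matches wildcard grants such as '%' or 'my%'.
SELECT User, Host, 'global' AS scope
FROM mysql.user
WHERE Insert_priv = 'Y'
UNION
SELECT User, Host, Db
FROM mysql.db
WHERE Insert_priv = 'Y' AND 'mysql' LIKE Db;

-- 3. Accounts that hold both privileges: the combination the reply describes.
SELECT DISTINCT u.User, u.Host
FROM mysql.user u
LEFT JOIN mysql.db d
       ON d.User = u.User
      AND d.Host = u.Host
      AND d.Insert_priv = 'Y'
      AND 'mysql' LIKE d.Db
WHERE u.File_priv = 'Y'
  AND (u.Insert_priv = 'Y' OR d.User IS NOT NULL);

-- 4. User-defined functions currently registered. Any row whose shared
--    library (dl) is not one the administrators installed needs investigation.
SELECT name, dl, type
FROM mysql.func;

-- 5. On newer servers, check where file writes and UDF libraries are confined.
--    Both statements return an empty set on versions that lack the variable.
SHOW VARIABLES LIKE 'secure_file_priv';
SHOW VARIABLES LIKE 'plugin_dir';
```

Revoking FILE from application accounts and running mysqld as an unprivileged OS user limits what the combination in query 3 can reach.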