Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MySQL compromise

From: "Laszlo KLOCK" <laci.klock () gmail com>
Date: Tue, 8 Jan 2008 18:23:04 +0100
Hi!

It's possible with mysql UDF-s, like this one:
http://www.0xdeadbeef.info/exploits/raptor_udf.c

On 1/4/08, Clone <c70n3 () yahoo co in> wrote:

Hello guys,

I'm doing a pen-test. I have compromised a remote
mysql server ver 4.x doing password cracking. Is there
anything  I can do like xp_cmdshell in MSSQL to run OS
or network commands? Is there a way to compromise
their internal network from here?

Clone


      Save all your chat conversations. Find them online at
http://in.messenger.yahoo.com/webmessengerpromo.php


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------





-- 
Udv. klaci
"Life's unfair - but root password helps!"

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: