Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: MySQL compromise
From: Claudio Criscione <blackfireml () tiscali it>
Date: Wed, 9 Jan 2008 13:24:38 +0100

Il Friday 04 January 2008 15:40:03 Clone ha scritto:

or network commands? Is there a way to compromise
their internal network from here?

You can play with INTO OUTFILE to create files around in the filesystem, and 
this is very interesting if you have a webserver on the same machine or if 
the mysql server is running with high privileges.

Claudio

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault