Home page logo

pen-test logo Penetration Testing mailing list archives

Re: MySQL compromise
From: Jon Hart <jhart () spoofed org>
Date: Wed, 9 Jan 2008 10:03:54 -0800

On Tue, Jan 08, 2008 at 09:11:07AM -0800, Josh Miller wrote:
Clone wrote:
Hello guys,

I'm doing a pen-test. I have compromised a remote
mysql server ver 4.x doing password cracking. Is there
anything  I can do like xp_cmdshell in MSSQL to run OS
or network commands? Is there a way to compromise
their internal network from here?

You can use the 'system' command to execute local commands.

system is local to the system running the mysql client.  See

'load data infile'
(http://dev.mysql.com/doc/refman/5.0/en/load-data.html) and 'select ...
into outfile ...' (http://dev.mysql.com/doc/refman/5.0/en/select.html)
are good starting points.


This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]