Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Injected, whats next

From: "Serg B." <sergicles () gmail com>
Date: Fri, 18 Aug 2006 20:45:31 +1000
Sounds like you are exploiting someonce server, not testing an
application! 

An application test would stop with proof of SQL injection - no need to
go further.



On Thu, 2006-08-17 at 17:41 +0400, DokFLeed wrote:

I am testing a web application, I can run  UPDATE & SELECT
Does anyone know a way to upload a file to a server through MySQL !
does it allow running system commands or a way to dump a file from the 
database to the server?
its  LAMP , Linux, Apache, MySQL, PHP
any ideas!!

Dok
smoke dope, eat soap, fly home in a bubble 


------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------




------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: