From: Gleb Paharenko (gpaharenko@gmail.com)
Date: Tue Jan 08 2008 - 12:56:50 EST
Hi.
Though I have never done this and searched in google if it is posiible,
theoretically you can use SELECT INTO OUT FILE to create file with custom
contents. Combine it with user defined functions and perhaps you will be able
to execute any binary code under mysql uid. See:
http://dev.mysql.com/doc/refman/4.1/en/adding-functions.html
http://dev.mysql.com/doc/refman/4.1/en/select.html
2008/1/4, Clone <c70n3@yahoo.co.in>:
> Hello guys,
>
> I'm doing a pen-test. I have compromised a remote
> mysql server ver 4.x doing password cracking. Is there
> anything I can do like xp_cmdshell in MSSQL to run OS
> or network commands? Is there a way to compromise
> their internal network from here?
>
> Clone
>
>
> Save all your chat conversations. Find them online at http://in.messenger.yahoo.com/webmessengerpromo.php
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
-- Best regards. Gleb Pakharenko. http://gpaharenko.livejournal.com ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:19 EDT