From: Laszlo KLOCK (laci.klock@gmail.com)
Date: Tue Jan 08 2008 - 12:23:04 EST
Hi!
It's possible with mysql UDF-s, like this one:
http://www.0xdeadbeef.info/exploits/raptor_udf.c
On 1/4/08, Clone <c70n3@yahoo.co.in> wrote:
> Hello guys,
>
> I'm doing a pen-test. I have compromised a remote
> mysql server ver 4.x doing password cracking. Is there
> anything I can do like xp_cmdshell in MSSQL to run OS
> or network commands? Is there a way to compromise
> their internal network from here?
>
> Clone
>
>
> Save all your chat conversations. Find them online at
> http://in.messenger.yahoo.com/webmessengerpromo.php
>
>
> ------------------------------------------------------------------------
> This list is sponsored by: Cenzic
>
> Need to secure your web apps NOW?
> Cenzic finds more, "real" vulnerabilities fast.
> Click to try it, buy it or download a solution FREE today!
>
> http://www.cenzic.com/downloads
> ------------------------------------------------------------------------
>
>
-- Udv. klaci "Life's unfair - but root password helps!" ------------------------------------------------------------------------ This list is sponsored by: Cenzic Need to secure your web apps NOW? Cenzic finds more, "real" vulnerabilities fast. Click to try it, buy it or download a solution FREE today! http://www.cenzic.com/downloads ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:19 EDT