mysql as a file upload/download vector

From: Jon Hart (warchild_at_spoofed.org)
Date: 09/16/03

    Date: Tue, 16 Sep 2003 16:40:48 -0400
    To: pen-test@securityfocus.com
    
    

    Howdy,

    I was up against a situation earlier today where I wanted to show that a
    mysql server with the 'test' database still available can be used as a
    warez server and can be used as a file upload/download vector for
    (potentially) heavily fortified hosts.

    I couldn't think of anything mysql-wise that would conveniently let me
    do this, nor could I find any tools that would let me do this. I
    figured that, since I already knew exactly how I could implement this,
    it'd probably be faster if I just wrote my own instead of scouring the
    web looking for some code to do this.

    Just to clarify, when I say "used as a warez server" or "file
    upload/download vector", I mean storing the file data in a database.
    And no, not just in one huge field either. I mean taking a file
    locally, chunking it up and storing it in your database, and then later
    retrieving it.

    So, I wrote this:

            http://spoofed.org/files/mtp

    My question is, how badly did I re-reinvent the wheel?

    tia,

    -jon
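
A defensive check for the precondition described in the post, as an added example that is not part of the original message or of the mtp tool: it reads rows shaped like the `mysql.db` grant table and reports which databases an anonymous account can both write to and read back from. The sample rows and database names are constructed and the function names are hypothetical; the anonymous `test` and `test\_%` entries mirror the default grants that stock MySQL installs shipped with.

```python
import re

def db_pattern_to_regex(pattern):
    """Translate a mysql.db 'Db' value (LIKE syntax: %, _ and backslash
    escapes) into a compiled regex for whole-name matching."""
    out, i = [], 0
    while i < len(pattern):
        c = pattern[i]
        if c == "\\" and i + 1 < len(pattern):
            out.append(re.escape(pattern[i + 1]))  # escaped char is literal
            i += 2
            continue
        out.append(".*" if c == "%" else "." if c == "_" else re.escape(c))
        i += 1
    return re.compile("".join(out))

# Enough to store rows in an existing table and read them back later.
NEEDED = ("Select_priv", "Insert_priv")

def open_file_stores(db_rows, databases):
    """Return {database: [(user, host), ...]} for every database-level grant
    that lets the anonymous account (User == '') store and retrieve data."""
    findings = {}
    for row in db_rows:
        if row["User"] != "":
            continue  # named accounts are out of scope for this check
        if any(row.get(priv) != "Y" for priv in NEEDED):
            continue
        rx = db_pattern_to_regex(row["Db"])
        for name in databases:
            if rx.fullmatch(name):
                findings.setdefault(name, []).append((row["User"], row["Host"]))
    return findings

# Constructed sample data in the shape of `SELECT ... FROM mysql.db`.
SAMPLE_DB_ROWS = [
    {"Host": "%", "Db": "test", "User": "", "Select_priv": "Y", "Insert_priv": "Y"},
    {"Host": "%", "Db": "test\\_%", "User": "", "Select_priv": "Y", "Insert_priv": "Y"},
    {"Host": "localhost", "Db": "shop", "User": "app", "Select_priv": "Y", "Insert_priv": "Y"},
    {"Host": "%", "Db": "reports", "User": "", "Select_priv": "Y", "Insert_priv": "N"},
]
# Constructed sample of SHOW DATABASES output.
SAMPLE_DATABASES = ["mysql", "test", "test_scratch", "testing", "shop", "reports"]

if __name__ == "__main__":
    for db, accounts in open_file_stores(SAMPLE_DB_ROWS, SAMPLE_DATABASES).items():
        print(f"{db}: anonymous read/write via {accounts}")
```

On a live server the inputs would come from `SELECT Host, Db, User, Select_priv, Insert_priv FROM mysql.db` and `SHOW DATABASES`; any database this reports should have its anonymous grant removed or the database dropped.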


