Re: PENTEST MySQL on windows
From: Tim (tim-pentest_at_sentinelchicken.org)
Date: 02/25/05
- Previous message: Capixaba: "Re: Bypassing NTFS ACL"
- In reply to: Anthony Ruso: "PENTEST MySQL on windows"
- Next in thread: Marco Ivaldi: "Re: PENTEST MySQL on windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 24 Feb 2005 22:44:36 -0500 To: Anthony Ruso <aruso@lgit.com>
> Doing a pentest on a site hosting a vulnerable verion of MySQL on a
> Windows box. I was able to get full access to the DB and export ALL the
> data. Anyone have any ideas on jumping to the Windows OS with full
> access to Just the DB.
I don't know if you are familiar with this, but MySQL supports a SELECT
syntax called OUTFILE that allows you to write output of a query to a
file. See:
http://dev.mysql.com/doc/mysql/en/select.html
This syntax is pretty limited, and the permission to do this can be
turned off, but if you have the right privs, and can craft a batch
script, and put it in the right place on the filesystem, perhaps it will
help.
good luck,
tim
- Previous message: Capixaba: "Re: Bypassing NTFS ACL"
- In reply to: Anthony Ruso: "PENTEST MySQL on windows"
- Next in thread: Marco Ivaldi: "Re: PENTEST MySQL on windows"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
