Hi everybody. I was contracted by an enterprise to conduct a simple pentest, and I came across a really stupid MySQL installation: fully accesable from the outside and a really sillu user/password combination (user=pass......). I need to demonstrate not only the capability to drop databases and modify data, but to execute system commands and/or get files not accesable via web-server. I've thought of creating a table specifically designed to load infile /etc/passwd, for example, but I didn't like this approach after thinking about it for a nanosecond :) Any ideas? BTW, I searched the BID but nothing interesting showed up. Thank you! bye..... Arturo "Buanzo" Busleiman Linux USERS, MP Ediciones Moderador de Seguridadat_private Gerente de Sistemas y Seguridad de Turcin y asociados http://www.turcin.com.ar Come visit my personal site (Spanish) http://www.buanzo.com.ar >> INFUSION Rock-Alternativo: http://www.infusionalternativa.com.ar ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Mon Sep 24 2001 - 12:11:12 PDT