Thanks for your replies. But operating system of the db server is Red Hat Enterprise Linux Server release 5 which I am not familiar with. Come on guys, any other suggestion?
On Mar 9, 9:19 pm, Chung-Kai Wang <[email protected]> wrote: > dude u r allow 2 use load() function aiite? > if im u ill try to get da sam file n try to use da fuction 2 get as much > information bout the target as u can > such as > c:\mysql\data\mysql\user.myd > c:\windows\system32\inetsrv\MetaBase.xml > n da sam file is at c:\windows\repair\sam > well usually i use load 2 read those config files > at da end i hav 2 say that im a beginner lol if there get any fkin mistakes > well > forgive me then > > 2009/3/8 zhuzhu <[email protected]> > > > > > > > Hi Zang, > > I am not able to scan the server because it is an intranet server > > that I've mentioned twice. Any other suggestion? > > > On Mar 8, 9:24 pm, Zang <[email protected]> wrote: > > > using scan tools , > > > > 2009/3/8 zhuzhu <[email protected]> > > > > > Hi bros, > > > > I mentioned that it was an intranet server so I don't know how to > > > > scan the server in this case. Now I only could make use of load_file > > > > and outfile functions. Any suggestion? > > > > > On 3月5日, 下午1时09分, zhuzhu <[email protected]> wrote: > > > > > Hi all, > > > > > > These days I am trying to hack a web site with sql injection > > > > > weakness. It seems that the database and the web pages are hosted on > > > > > two different machines. I don't know how to get the webshell in this > > > > > case. Is there any way to get the ip address of the mysql server so > > > > > that I could do some further exploration?- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ 要向邮件组发送邮件,请发到 [email protected] 要退订此邮件,请发邮件至 [email protected] -~----------~----~----~----~------~----~------~--~---
