obtain WEB ADMIN administrative privileges
------------------ Original ------------------
From: "zhuzhu"<[email protected]>;
Date: 2009年3月8日(星期天) 下午3:07
To: "Ph4nt0m"<[email protected]>;
Subject: [Ph4nt0m] Re: about mysql injection
Hi bros,
I mentioned that it was an intranet server so I don't know how to
scan the server in this case. Now I only could make use of load_file
and outfile functions. Any suggestion?
On 3月5日, 下午1时09分, zhuzhu <[email protected]> wrote:
> Hi all,
>
> These days I am trying to hack a web site with sql injection
> weakness. It seems that the database and the web pages are hosted on
> two different machines. I don't know how to get the webshell in this
> case. Is there any way to get the ip address of the mysql server so
> that I could do some further exploration?
--~--~---------~--~----~------------~-------~--~----~
要向邮件组发送邮件,请发到 [email protected]
要退订此邮件,请发邮件至 [email protected]
-~----------~----~----~----~------~----~------~--~---
