why?
From: [email protected] To: [email protected]; [email protected] Subject: [Ph4nt0m] Re: about mysql injection Date: Sat, 14 Mar 2009 04:20:56 +0800 obtain WEB ADMIN administrative privileges ------------------ Original ------------------ From: "zhuzhu"<[email protected]>; Date: 2009年3月8日(星期天) 下午3:07 To: "Ph4nt0m"<[email protected]>; Subject: [Ph4nt0m] Re: about mysql injection Hi bros, I mentioned that it was an intranet server so I don't know how to scan the server in this case. Now I only could make use of load_file and outfile functions. Any suggestion? On 3月5日, 下午1时09分, zhuzhu <[email protected]> wrote: > Hi all, > > These days I am trying to hack a web site with sql injection > weakness. It seems that the database and the web pages are hosted on > two different machines. I don't know how to get the webshell in this > case. Is there any way to get the ip address of the mysql server so > that I could do some further exploration? <BR _________________________________________________________________ 梦幻K图,百变造型,让你的照片与众不同,快来MClub试试吧! http://club.msn.cn/?form=3 --~--~---------~--~----~------------~-------~--~----~ 要向邮件组发送邮件,请发到 [email protected] 要退订此邮件,请发邮件至 [email protected] -~----------~----~----~----~------~----~------~--~---
