Hello friends,
I desperately need your help in my post exploitation phase.
After exploiting the sql injection(time-based) vulnerability using sqlmap,
I got OS-Shell> of compromised database server, however I failed to inject
meterpreter with an error stating that injection failed due to
Antivirus..bla..bla..
I didn't tried VNC yet, but my prediction is it may fail as well.
Also my assumption is the compromised database configured to communicate
with application server on LAN IP and has no public facing internet
configuration, means no direct internet access.
OS-Shell> response is very slow, it takes 4-8 hours to respond to simple
command like "net user" :(
Now in this situation can we deploy and create some tunnel to database,
which is faster and give quick response to further probing such as scan the
internal of their network?
(Fyi, this is an ongoing authorized penetration test exercise)
kindly HELP
Regards,
Alok
------------------------------------------------------------------------------
Try New Relic Now & We'll Send You this Cool Shirt
New Relic is the only SaaS-based application performance monitoring service
that delivers powerful full stack analytics. Optimize and monitor your
browser, app, & servers with just a few lines of code. Try New Relic
and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_may
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
