[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [WEB SECURITY] Create File in mysql injection
- From: "Rodrigo Montoro (Sp0oKeR)" <spooker@xxxxxxxxx>
- Subject: Re: [WEB SECURITY] Create File in mysql injection
- Date: Sun, 2 Mar 2008 11:39:18 -0300
You could use system .
mysql> system touch /tmp/spookerlabs ;
mysql> system ls -la /tmp/spookerlabs ;
-rw-rw-r-- 1 spooker spooker 0 Mar 2 11:44 /tmp/spookerlabs
mysql>
But you will have only apache privilegies to create your file. Try:
mysql> system id ;
Regards,
Rodrigo Montoro (Sp0oKeR)
On Sat, Mar 1, 2008 at 10:00 AM, Simorgh Security
<simorgh.security@xxxxxxxxx> wrote:
> In The name Of god .\
>
> I have Question .
>
> I can't Creat File in server with sql injection .
> mysql user : root
> mysql version :4.0.2
>
>
> please help me . thanks .
>
> ----------------------------------------------------------------------------
> Join us on IRC: irc.freenode.net #webappsec
>
> Have a question? Search The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/
>
> Subscribe via RSS:
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
>
--
===============================
Rodrigo Montoro (Sp0oKeR)
Security Analyst
SnortCP / RHCE / LPIC-I / MCSO
http://www.spookerlabs.com.br
http://www.linkedin.com/in/spooker
===============================
----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec
Have a question? Search The Web Security Mailing List Archives:
http://www.webappsec.org/lists/websecurity/
Subscribe via RSS:
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
Brought to you by http://www.webappsec.org
Search this site
|