IT Security and Insecurity Portal

root mysql? stuck!

Posted: Fri Jan 09, 2009 4:14 am
-AO-
Advanced user
Joined: Jul 15, 2008
Posts: 205
Location: United States

I have a root mysql login but its host is set to localhost only. I only have privs to use the select command with another login. This password might match the ftp but I can't even connect to it or on the http port...
ftp://xx.xx.xx.xx
http://xx.xx.xx.xx
so neither of these ports is open...
With the select command I've got the root login, but I'm stuck here.
Any suggestions?

Posted: Fri Jan 09, 2009 8:52 am
pexli
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria

Try to find phpmyadmin or some other sql client on this server.

Posted: Fri Jan 09, 2009 3:38 pm
_mranderson_
Valuable expert
Joined: Oct 30, 2008
Posts: 51

If you are root and can only use select statements, you're done.
Use
Code:
select load_file('/complete/path/to/file')
to read a file, or
Code:
select 'data' into outfile '/path/to/file'
to write some data to a file.

Posted: Sat Jan 10, 2009 6:07 am
-AO-
Advanced user
Joined: Jul 15, 2008
Posts: 205
Location: United States

Thanks for the replies. I tried every sql client I could think of and none of them worked. This server is mainly used for mysql and is not a web server. I used nmap to do a port scan and the only open port was 22, which is probably ssh, but I couldn't connect with putty.
@mranderson
I tried these on my localhost and couldn't get them to work... and for load_file, wouldn't I need file privs? But if I could get the select into outfile to work... Do something like this maybe?
<?php
mysql_connect(localhost, root, password);
mysql_query('CREATE USER 'Administrator'@ '99.99.99.99' IDENTIFIED BY '****';
GRANT ALL PRIVILEGES ON * . * TO 'Administrator'@ '99.99.99.99' IDENTIFIED BY '****' WITH GRANT OPTION MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 MAX_USER_CONNECTIONS 0 ;');
?>
But since this server isn't a webserver... maybe it doesn't have php

Posted: Sat Jan 10, 2009 10:19 am
pexli
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria

How many databases are on this mysql server?

Posted: Sat Jan 10, 2009 7:24 pm
-AO-
Advanced user
Joined: Jul 15, 2008
Posts: 205
Location: United States

There are three databases, including mysql and information_schema.

Posted: Sat Jan 10, 2009 8:14 pm
pexli
Valuable expert
Joined: May 24, 2007
Posts: 665
Location: Bulgaria

-AO- wrote: "There are three databases, including mysql and information_schema."
Some software???

Posted: Sun Jan 11, 2009 12:10 am
-AO-
Advanced user
Joined: Jul 15, 2008
Posts: 205
Location: United States

Nope, no software that I could find. The only open ports are 22 & 7777. I know these dbs from connecting through another server.

Posted: Sun Jan 11, 2009 1:18 pm
_mranderson_
Valuable expert
Joined: Oct 30, 2008
Posts: 51

It's an L2 server, aight?
Anyways, as already said, if you have the mysql root's password you should find a way to run SQL code on it, because with root privs you can load_file() and select into outfile.
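
A defender's view of the two primitives named in this thread, as an added example that is not part of the original posts: load_file() and SELECT ... INTO OUTFILE both require the global FILE privilege and are confined by the secure_file_priv server variable, so these queries audit both, along with root reachability and account-management rights. The account name 'app_user'@'localhost' is a hypothetical placeholder.

```sql
-- 1. Where may the server read and write files on behalf of SQL statements?
--    Empty value: no restriction.
--    A directory: file operations are confined to that directory.
--    NULL (on versions that support it): LOAD_FILE() and INTO OUTFILE are disabled.
SHOW VARIABLES LIKE 'secure_file_priv';

-- 2. Which accounts hold the global FILE privilege that both
--    LOAD_FILE() and SELECT ... INTO OUTFILE require?
SELECT User, Host
FROM mysql.user
WHERE File_priv = 'Y'
ORDER BY User, Host;

-- 3. Is any root account defined for a host other than the local machine?
SELECT User, Host
FROM mysql.user
WHERE User = 'root'
  AND Host NOT IN ('localhost', '127.0.0.1', '::1');

-- 4. Which accounts could create new users or hand out privileges,
--    as the CREATE USER / GRANT idea in the thread would need?
SELECT User, Host, Grant_priv, Create_user_priv, Super_priv
FROM mysql.user
WHERE Grant_priv = 'Y'
   OR Create_user_priv = 'Y'
   OR Super_priv = 'Y'
ORDER BY User, Host;

-- 5. Remove FILE from an account that does not need it, then confirm.
--    'app_user'@'localhost' is a hypothetical account name.
REVOKE FILE ON *.* FROM 'app_user'@'localhost';
SHOW GRANTS FOR 'app_user'@'localhost';
```

secure_file_priv cannot be changed at runtime; it is set in the [mysqld] section of the server configuration and takes effect after a restart.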