EvilZone

Hacking and Security => Hacking and Security => : lordwhizy June 02, 2012, 05:29:48 PM

: Hacking Into A Mysql Database
: lordwhizy June 02, 2012, 05:29:48 PM

Hi Guys, I have been trying to hack a web application db...
Bad thing is that the entire site is not vulnerable to sql injection...
but the server seems awfully vulnerable (nessus scan result), been trying out all my wits, almost a week of sleepless night now, i need some assistance.
Some info about the site...?
i'm on the same local network as the site.

: Re: Hacking Into A Mysql Database
: Kulverstukas June 02, 2012, 08:22:33 PM

same local network? so that means you are a student at that university...
About the database, if the database is running locally (same server as the website) there is no way to connect to it unless you can get into the server itself and connect from there.

But if you are a student there, there might be other things you could do...

: Re: Hacking Into A Mysql Database
: gh0st June 02, 2012, 08:33:25 PM

im a bit noob in this topic but you also could use a 0 day just check the version of the db then if its outdated google for an exploit for it this shouldnt be too hard to run i guess

: Re: Hacking Into A Mysql Database
: lordwhizy June 02, 2012, 09:34:21 PM

Yeah, that where the problem is, i cant get into the server, i found multiple vulnerabilities on it, but cant exploit them, maybe i dont know how to use the exploit codes, I'll post link to the exploit code.

: Re: Hacking Into A Mysql Database
: lordwhizy June 03, 2012, 02:57:29 AM

i'm kinda confused on something, the OS, according to the site 404 page it shows some linux info, nessus scan and zenmap intense scan detect some linux 2.6, but i found out that the server has wamp (window program) on it and zenmap slow comprehensive scan reports some windows server.  :-\

: Re: Hacking Into A Mysql Database
: lordwhizy June 04, 2012, 08:52:49 AM

New development, i found some old scripts on the server that showed the the phpinfo(), and some directories that does not open index.php by default even when it is present, dont know how to use this info.
i found a way to upload a file into the /tmp directory on the server,
i'm thinking if i can upload a type of virus into this /tmp directory that will copy itself into the /usr/local/apache2 folder and execute some shell or backdoor codes i can gain access.
Can any body help with this? dont know much about viruses

: Re: Hacking Into A Mysql Database
: Kulverstukas June 04, 2012, 10:24:19 AM

No viruses can do what you want. Just upload a shell to /tmp if you can and see where that goes.

: Re: Hacking Into A Mysql Database
: lordwhizy June 04, 2012, 11:03:33 AM

But how do i run the shell, since it not in the public apache directory?

: Re: Hacking Into A Mysql Database
: Kulverstukas June 04, 2012, 11:18:46 AM

you upload it and you open it like opening a file.... just google it.

: Re: Hacking Into A Mysql Database
: lordwhizy June 06, 2012, 09:00:27 AM

I could'nt find anything understandable on google, can you please shed more light on this....


And secondly, i want to try this exploit code, [size=78%]http://www.exploit-db.com/exploits/2237/ (http://www.exploit-db.com/exploits/2237/)[/size] but i dont understand what the

"RewriteRule kung/(.*) $1" is.

Please check it out