Re: [Full-disclosure] MySQL trick for SQL injection

Valdis.Kletnieks@vt.edu
Date: Fri Nov 06 2009 - 10:37:28 CST


On Fri, 06 Nov 2009 10:04:54 CST, Paul Schmehl said:
> What privileges did the user who performed the select have?
>
> INTO OUTFILE is a dangerous routine (as you've clearly demonstrated), but that
> privilege must be specifically granted to a user before it's possible to
> execute it. No sensible administrator would grant the FILE privilege to a
> webserver application's database account.

Very true, but a good blackhat always keeps a good supply of ways to exploit
common stupid administrator mistakes. I'd not be surprised in the least if
at more than 10% of the sites, some admin under time pressure to Just Fix It
assigned FILE privs to get the web application back up and running.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
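
Added example, not part of the original message or thread: a Python check over `SHOW GRANTS` output that lists the accounts holding the global FILE privilege discussed above, including accounts that get it implicitly through `ALL PRIVILEGES ON *.*`. The grant lines, account names and the `accounts_with_file` helper are constructed for illustration.

```python
import re

# Shape of a statement printed by SHOW GRANTS, e.g.
#   GRANT SELECT, FILE ON *.* TO 'webapp'@'localhost'
# Newer servers quote the account with backticks instead of single quotes.
GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s+"
    r"(?P<account>'[^']*'@'[^']*'|`[^`]*`@`[^`]*`)",
    re.IGNORECASE,
)


def accounts_with_file(grant_lines):
    """Return the sorted accounts whose grants include the FILE privilege.

    FILE is a global privilege, so only grants scoped ON *.* can carry it,
    either by name or as part of ALL PRIVILEGES.
    """
    flagged = set()
    for line in grant_lines:
        m = GRANT_RE.match(line.strip())
        if not m or m.group("scope") != "*.*":
            continue  # database/table-level grants cannot include FILE
        # Drop column lists such as "SELECT (id, name)" before splitting.
        privs = re.sub(r"\([^)]*\)", "", m.group("privs"))
        names = {p.strip().upper() for p in privs.split(",")}
        if names & {"FILE", "ALL", "ALL PRIVILEGES"}:
            flagged.add(m.group("account").replace("'", "").replace("`", ""))
    return sorted(flagged)


# Constructed sample: SHOW GRANTS output collected for several accounts.
SAMPLE_GRANTS = [
    "GRANT USAGE ON *.* TO 'report'@'localhost'",
    "GRANT SELECT ON `shop`.* TO 'report'@'localhost'",
    "GRANT SELECT, INSERT, UPDATE, FILE ON *.* TO 'webapp'@'localhost'",
    "GRANT ALL PRIVILEGES ON `shop`.* TO 'shopadmin'@'10.0.0.%'",
    "GRANT ALL PRIVILEGES ON *.* TO `root`@`localhost` WITH GRANT OPTION",
    "GRANT SELECT (id, name), UPDATE (name) ON `shop`.`items` TO 'editor'@'localhost'",
]

if __name__ == "__main__":
    for account in accounts_with_file(SAMPLE_GRANTS):
        print("FILE privilege held by", account)
```

For an application account flagged this way, `REVOKE FILE ON *.* FROM 'user'@'host';` removes the privilege without touching its other grants.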