Search found 9 matches

Return to advanced search

Re: What worst a hacker can do got access to MySQL root?

Thanks, I now understand it. You can use this, if for example the system root user doesn't have a /root/.procmailrc file (and the system uses procmail) , you can make rules in this file so if the root user receives mail with a crafty subject line you decide it trigger commands on the system forexamp...
by 1lastBr3ath
on Thu Jan 28, 2016 7:11 am
 
Forum: Web
Topic: What worst a hacker can do got access to MySQL root?
Comments: 6
Views: 10070

Re: What worst a hacker can do got access to MySQL root?

boriz666 wrote:You should never run your mysql server as the root user

Yeah, I'm asking why.

cyberdrain wrote:Worst case is complete control of the server by a hacker.

So, it all depends on where MySQL root is allowed to write files to, right? I don't think MySQL allows users to execute system commands directly.
by 1lastBr3ath
on Tue Jan 26, 2016 10:42 pm
 
Forum: Web
Topic: What worst a hacker can do got access to MySQL root?
Comments: 6
Views: 10070

What worst a hacker can do got access to MySQL root?

My question is; What is the worst case if a hacker gets access to MySQL root? I know MySQL root user have FILE privilege, and can write files to the system- allowing her to upload Shell. So, what are other possible worst actions a hacker can perform given she has access to MySQL root user? Another v...
by 1lastBr3ath
on Mon Jan 25, 2016 8:34 am
 
Forum: Web
Topic: What worst a hacker can do got access to MySQL root?
Comments: 6
Views: 10070

Re: Please ask questions ONLY in this topic.

Alright, at least you did some research before asking for help :) The textbook example is OR '1'='1';-- even though that code almost never works. But yeah, it's still a pretty basic SQL command. I actually always do some research before I ask anything, hehe :) That's why I asked if the number of co...
by 1lastBr3ath
on Thu Sep 04, 2014 9:00 pm
 
Forum: (Real 4) Fischer's Animal Products
Topic: Please ask questions ONLY in this topic.
Comments: 525
Views: 549533

Re: Please ask questions ONLY in this topic.

Thank you, but I already did a course on sql injection from udemy, though it wasn't that good. And, I know sql, and have probably read all those basic courses at W3Schools.
But the command I used here was new, at least to myself.
by 1lastBr3ath
on Thu Sep 04, 2014 2:12 pm
 
Forum: (Real 4) Fischer's Animal Products
Topic: Please ask questions ONLY in this topic.
Comments: 525
Views: 549533

Re: Please ask questions ONLY in this topic.

Okay, you can say that. That's why I posted my questions here so that I can clear my thoughts, a process of learning, isn't it? If I knew how it worked and why, I wouldn't have posted anything at all. I've clearly written what I think and requested to correct if wrong. So, I think you should rather ...
by 1lastBr3ath
on Thu Sep 04, 2014 12:50 pm
 
Forum: (Real 4) Fischer's Animal Products
Topic: Please ask questions ONLY in this topic.
Comments: 525
Views: 549533

Re: Please ask questions ONLY in this topic.

Greetings everyone :) I just completed the mission, luckily, and I hope you'll too. A tip I would give to those, who haven't completed the mission, is "Don't over think", you'll only make it complex that way. But, a question I had, as far as I know, when using UNION ALL, the number of colu...
by 1lastBr3ath
on Thu Sep 04, 2014 5:50 am
 
Forum: (Real 4) Fischer's Animal Products
Topic: Please ask questions ONLY in this topic.
Comments: 525
Views: 549533

Re: My first c program

I would say "Good enough", if it was your first program. But as you're already familiar with PHP, you could have done a lot better. It's syntax that changes, not the logic. Though, you're on your way. Keep learning, you could have used 'switch' case instead of nested 'if else...', and bett...
by 1lastBr3ath
on Wed Aug 20, 2014 3:25 am
 
Forum: Programming
Topic: My first c program
Comments: 6
Views: 6534

Re: Introduce Yourself  Topic is solved

Hi everyone, My name is Prakash, 20 in age. I'm a student, doing Bachelor of Information Technology (BIT), from Nepal. I know a bit of programming in C, C++, C#, PHP, jQuery, etc., but a n00b still. I think I've lost my interest in programming, and I'm beginning to move towards security, the reason ...
by 1lastBr3ath
on Sat Aug 16, 2014 11:17 am
 
Forum: NZone
Topic: Introduce Yourself
Comments: 1648
Views: 2776759

Return to advanced search