Open WebBreacher opened 10 years ago
Just read through, what do you want to extract from that post?
Hmm. The database backdoor concept via triggers is definitely sweet, however seems somewhat redundant if you already have database access (via SQLi or direct access) and command execution IMO
I thought we could use some of these techniques and break them out into specifics. Instead of saying, "you could use SQLi to write out a script on the file system and then have the scheduler execute it" we could have a step by step method. That kind stuff. no?
ya, would be great, just didn't jump out at me, sounds good.
Content is here: http://resources.infosecinstitute.com/backdoor-sql-injection/