bolus Posted April 11, 2016 Share Posted April 11, 2016 I'm learning my way through SQLi, and wondered what typically, the next steps are after I've: 1. Identified a vulnerability 2. via SQLi I've listed DB, user, tables, columns, content of columns etc 3. identified that user is not sysadmin (on a MySQL system) Where does one typically go next with identifying further information, and ultimately escalating privileges? I'm not after a step by step hold my hand approach, more a general 'this is the order I tend to do things in', as I know everyone has a different approach. thanks in advance Quote Link to comment Share on other sites More sharing options...
digininja Posted April 11, 2016 Share Posted April 11, 2016 It all depends on what you want to do: Dump some data and see what is in. Check for file read and write. Grab the version and look for vulnerabilities. Quote Link to comment Share on other sites More sharing options...
Karit Posted April 12, 2016 Share Posted April 12, 2016 Maybe get remote code execution. https://pentesterlab.com/can walk you through some of it. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.