AjexMe

How to access the Server

11 posts in this topic

Through SQL Injection I managed to create an admin user account in one site and can anybody tell me how to log into that server? I tried Remote desktop connection but it's not enabled in the server. I created the user using master..xp_cmdshell .... and it's a local admin user.

:huh:


Well, if it's weak to RFI you could go ahead and stick a shell in the include path..

Otherwise the admin account, if created right, will allow you access to the cpanel? Assuming it has one.

Try www.website.com/admincp/index.php or something like that. Really need more information on the type of web server (i.e. what did you SQL inject, and how?).

example of RFI

http://forum.chiangmai-thailand.com/langua...mages/true.gif??

a different shell

http://forum.chiangmai-thailand.com/langua...l%26d%3D%24HOME

good luck


Thanks for the reply.

I am completely a nube in hacking and security, so could you please give me more info about RFI and the shells you mentioned, like how to use and stuff like that?

Also give me some good resources for basics.

I made a simple SQL injection by injecting SQL server DML commands and created a user.

Edited by AjexMe

You shouldn't ever find a vulnerability which gives the possibility of sql injection and remote file inclusion. Unless the developer actually smokes crack/it's a ho-ho-ho-honeypottttt.

Probably going to piss a few people off a bit with a live rfi on Google indexed site as well.

If you used xp_cmdshell commands, and could log into cpanel it would be pretty damn cool considering it hasn't been released for windows platforms officially yet.

Sure it's even a MS server? And it's not running MySQL?


It's not so much the developers as the dumbass people who run the sites. I must be crazy because I have read this thread a couple times, and I don't understand why you don't think that a web server wouldn't contain both vulnerabilities, I've seen this so many times it makes me feel tingly just thinking about it!

"Probably going to piss a few people off abit with a live rfi on google indexed site aswell."

Yea? Good, I can die happy now ;) How else are people supposed to learn unless by doing and experiencing. Anywho, you'd be surprised what scripts and things end up on people's servers anyways. I have no clue where you're going with the commandshell references, considering I didn't perform the injection.

Edited by blackhat420

I meant "a vulnerability" singular, as in spawning from the same variable. The point I was making with the command shell comments was, if you can use them, the server will be of MS breed, and as Cpanel is not yet released for ze MS, chances of logging in through an uninstalled/unwritten package are pretty low.

You can learn however you want, although documents and not leaving your IP in logs everywhere usually helps you learn more/not be a skid. Pissed off as in, getting a link indexed by Google which increases binrev's skid magnet power.


It's an MS SQL Server + ASP and running on a Windows 2000 Server and the site got some simple SQL injection vulnerability. I exploited this by injecting XPcmdshell commands through the URL and managed to create a local user with administrative privileges. There I got stuck and I don't know what to do next. I am really new to this RFI stuff and all.....
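
For whoever defends a server like the one described in this thread (ASP on IIS with MS SQL Server), xp_cmdshell calls injected through the URL end up in the IIS access log. The following is an added example, not part of the original thread: a Python scan of W3C-format log lines for such requests. The log lines, IP addresses, page names and rule names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Rule names are hypothetical; the tokens have no business in a query string.
SUSPICIOUS = [
    ("xp_cmdshell", re.compile(r"xp_cmdshell", re.I)),
    ("stacked-exec", re.compile(r";\s*exec(ute)?\b", re.I)),
]

def decode_fully(value, max_rounds=3):
    """URL-decode repeatedly so double-encoded input is normalised first."""
    for _ in range(max_rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value

def parse_fields(lines):
    """Yield dicts keyed by the names in the log's own '#Fields:' directive."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            yield dict(zip(fields, line.split(" ")))

def find_injection_attempts(lines):
    """Return (client_ip, uri, [rule names]) for every request that matches."""
    hits = []
    for rec in parse_fields(lines):
        query = decode_fully(rec.get("cs-uri-query", "-"))
        matched = [name for name, rx in SUSPICIOUS if rx.search(query)]
        if matched:
            hits.append((rec.get("c-ip"), rec.get("cs-uri-stem"), matched))
    return hits

# Constructed sample log: documentation IP ranges, placeholder command text.
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2007-03-01 10:00:01 192.0.2.10 GET /products.asp id=5 200
2007-03-01 10:00:07 198.51.100.7 GET /products.asp id=5;exec+master..xp_cmdshell+'PLACEHOLDER' 200
2007-03-01 10:00:09 198.51.100.7 GET /products.asp id=5%3Bexec%2520master..xp%255Fcmdshell 500
2007-03-01 10:00:12 192.0.2.10 GET /search.asp q=executive+summary 200
""".splitlines()

if __name__ == "__main__":
    print(*find_injection_attempts(SAMPLE_LOG), sep="\n")
```

A match only shows that the request was made; the fix is parameterized queries in the ASP code and a database login that has no right to run xp_cmdshell.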


It may be possible, if you created an administrator account, for you to log into the MSSQL server remotely. This is only provided they are accepting remote connections to the server, not restricted to local. From there you can go for the gold and dump the entire database for analyzing and unhashing later. Are you trying to root the server for actual 'use' later or just get the data off of it?


You can also try to telnet into the box and see if the account you created has access to the telnet service.

Also, to the people mentioning cpanel and rfi scripts, cpanel is only used in conjunction with a Linux web server and 99% of the rfi scripts are going to be meant for unix platforms and aren't going to be as useful on a box running IIS and MSSQL.
