Greetings,
I was testing a web-server, where I explored certain vulnerabilities in wordpress, allowing me to download arbitrary files from the web-server. I gained the authorization credentials to the database, but this time there was something new. I couldn't connect to the web-server's databse at 3306 port(Mysql). The reason here was that my the DBA has only allowed a specific group of users to connect.
Now, if someone could help me out here, could be really great.
My question here is, how to bypass this restriction of connection to the database remotely.
P.S: This is doesnot intend to harm anyone.I take full responsibility of the information I am going to learn will not harm anyone, and is just seeked in regard of knowledge.
Thank you! :)
2 Responses
well if you can't access to the db you may try these things
-The Philosopher
Thank you so much for replying.
But, I was working on a way to penetrate the database only, neglecting the other ports.
I did some research myself, found out we can remotely ssh to the database through the target's localhost itself. But, this way we require ssh credentials as well, which is another issue.
So here my question is how can I communicate with the database?
Uploading a shell script might help, but a different approach is always present right!? :D
Share Your Thoughts