Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion

search


This page contains all of the posts and discussion on MemeStreams referencing the following web page: Remote Database management... now with a backdoor!. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

Remote Database management... now with a backdoor!
by Acidus at 2:45 pm EST, Jan 11, 2007

This article started up quite nicely about about how to run SQL commands against a database in a shared hosting environment where you don't have a SQL console access.

It quickly spiraled into creating a webpage that will run arbitrary .SQL commands against a database.

Once uploaded, hit the remote RunSQL.aspx page via your browser. This will cause the page on your remote server to parse the .SQL file, and execute all of its statements.

A picture is worth one thousand words.

Granted the article says to use obscure filenames and to delete it when you are done, but we all know most people won't. That like giving a kid a gun and reminding them to put on ear protection ahead of time and to clean it properly once they have finish shooting themselves in the foot!

Scott Guthrie may be smart but this deserves a "WTF were you thinking!"


 
 
Powered By Industrial Memetics