[sqlmap-users] Deploy&Create SSH/tunnel with compromised MSSQL server
Brought to you by:
inquisb
Menu
▾
▴
[sqlmap-users] Deploy&Create SSH/tunnel with compromised MSSQL server
|
From: Alok K. <alo...@gm...> - 2013-05-25 05:55:47
|
Hello friends, I desperately need your help in my post exploitation phase. After exploiting the sql injection(time-based) vulnerability using sqlmap, I got OS-Shell> of compromised database server, however I failed to inject meterpreter with an error stating that injection failed due to Antivirus..bla..bla.. I didn't tried VNC yet, but my prediction is it may fail as well. Also my assumption is the compromised database configured to communicate with application server on LAN IP and has no public facing internet configuration, means no direct internet access. OS-Shell> response is very slow, it takes 4-8 hours to respond to simple command like "net user" :( Now in this situation can we deploy and create some tunnel to database, which is faster and give quick response to further probing such as scan the internal of their network? (Fyi, this is an ongoing authorized penetration test exercise) kindly HELP Regards, Alok |
