fuzzdb/attack/sql-injection/exploit/README.md


various useful post-exploitation commands

**ms-sql-enumeration.fuzz.txt**
* ms-sqli info disclosure payload fuzzfile
* replace regex with your fuzzer for best results <attackerip> <sharename>
* run wireshark or tcpdump, look for incoming smb or icmp packets from victim
* might need to terminate payloads with ;--


**mysql-injection-login-bypass.fuzz.txt**
* regex replace as many as you can with your fuzzer for best results:
* <user-fieldname> <pass-fieldname> <username> 
* also try to brute force a list of possible usernames, including possile admin acct names

**mysql-read-local-files.fuzz.txt**
* mysql local file disclosure through sqli
* fuzz interesting absolute filepath/filename into <filepath>
doc relocation and renaming update 2015-09-11 23:39:11 +00:00
			`various useful post-exploitation commands`

formatting 2015-09-16 03:02:34 +00:00			`ms-sql-enumeration.fuzz.txt`
			`* ms-sqli info disclosure payload fuzzfile`
			`* replace regex with your fuzzer for best results <attackerip> <sharename>`
			`* run wireshark or tcpdump, look for incoming smb or icmp packets from victim`
			`* might need to terminate payloads with ;--`
doc relocation and renaming update 2015-09-11 23:39:11 +00:00

formatting 2015-09-16 03:02:34 +00:00			`mysql-injection-login-bypass.fuzz.txt`
			`* regex replace as many as you can with your fuzzer for best results:`
			`* <user-fieldname> <pass-fieldname> <username>`
			`* also try to brute force a list of possible usernames, including possile admin acct names`
doc relocation and renaming update 2015-09-11 23:39:11 +00:00
formatting 2015-09-16 03:02:34 +00:00			`mysql-read-local-files.fuzz.txt`
			`* mysql local file disclosure through sqli`
			`* fuzz interesting absolute filepath/filename into <filepath>`