Tagged Questions

MySQL is an open-source relational database management system.


2
votes
1answer
71 views

Is root@localhost the same as Unix root with GUID = 0 and ID = 0?

Is a MySQL root user (root@localhost) the same as the computer root account (GUID = 0, ID = 0)? I mean, is it the root which is executing the script? How can I know if the users are the same?
1
vote
0answers
34 views

MySQL Database Activity Monitoring Solutions [closed]

We are looking for a DAM solution for MySQL. There is of course GreenSQL but it seems to lack some of the features we desire like robust filtering of reports for export purposes, etc. It's very ...
1
vote
1answer
78 views

SQL injection: use WHERE statement in address bar

How can I use a "Where" statement during an SQL injection attack in the address bar? For example: ... from+information_schema.TABLES+where+TABLE_SCHEMA+=+XXXX-- The code above does not work.
2
votes
1answer
65 views

Using mysql root account to execute root commands

Suppose that I have full root access to MySQL databases, but not a root user shell (Linux). How can I use the full root access to MySQL databases to execute root commands?
6
votes
1answer
129 views

Store user passwords in NoSQL database?

I am currently coding the backend of a website and I have not come across an article where this is discussed. I want to store all my application data in MongoDB but I'd like to split out my sensitive ...
3
votes
2answers
45 views

securing unpatched websites

I have a client with a lot of (read: several thousand) websites in several old CMS solutions that are no longer maintained. Now moving all of them to a maintained solution isn't really an option at this ...
-1
votes
1answer
346 views

How to hack linux from phpMyAdmin? [closed]

I got the username and the password for phpMyAdmin, and I am trying to hack the operating system "linux". I tried to create a payload.php file which is a payload taken from Metasploit. I encoded the ...
4
votes
3answers
78 views

Drupal Security & Two DBs

I use Drupal for our site. It uses nodes that store data. We link lots of these nodes together to allow us to log jobs, customer info, invoices etc. These are linked via an add-on Drupal module. If I ...
15
votes
4answers
310 views

How to convince coworkers to not store credit card numbers ourselves

The company I work for needs a system to perform monthly credit card charges to customer accounts. Customers will be able to update their credit card information from an online interface written in ...
2
votes
2answers
94 views

Is this logic security / performance wise or not?

Each physical user will have about 20 tables in the database. When a new user registers, another 20 tables will be created with access only for their new MySQL account. Data does not have to be ...
3
votes
2answers
100 views

Do LAMP log files sometimes contain sensitive information?

I will have a LAMP web server with CentOS and cPanel. With this setup, is it possible for any server log files, whether regular or error logs, to contain sensitive information in them, such as ...
4
votes
1answer
75 views

Should I take care of mysql credentials?

My MySQL server is configured to not allow remote connections. Should I seriously care about the MySQL user and password in this case?
6
votes
3answers
361 views

Should IP addresses be validated to prevent SQL Injection?

In PHP I retrieve a user's IP address ($_SERVER['REMOTE_ADDR']) to use it in some MySQL queries, but I do not validate them to be true IP addresses. Should I validate user IP addresses before using ...
1
vote
2answers
82 views

Do these mysql and ssh issues mean my rails server was hacked?

I'm running a Rails application on an Ubuntu server on Slicehost. I got a Pingdom alert that the server was unreachable, so I tried to load the website in my browser. It showed a Passenger error, ...
1
vote
2answers
156 views

Strange Pharma Spam Site resulting from DAT file created by SQL Injection?

Working on cleaning up a site compromise for a client. Leaving aside that the site is using a bunch of custom CodeIgniter code written by someone who had no concept of security, I've run into a ...
