Looks interesting, There are clearly a bunch of flaws :-) FTP to webserver user root login from webserver to MySQL terminal access to webserver Mailserver runs as privileged user Kind regards/met vriendelijke groet, Serge Fonville http://www.sergefonville.nl 2014-12-27 14:47 GMT+01:00 Stuart Dallas <stuart@xxxxxxxx>: > Came across this today and thought it might be of interest. Some food for > thought at the very least. > > > http://vimeo.com/11213607 > > > > Note that the whole scenario starts with a lack of adequate MySQL > escaping. The smallest vulnerability can lead to a massive intrusion. > > > -Stuart > > > -- > Stuart Dallas > 3ft9 Ltd > http://3ft9.com/
