Dmitry Dmodeus
Sep 5, 2018 · 1 min read

The trick is how “read-only” user defined — if a user cannot modified tables, can he/she modify file system itself?

  1. Statements that can dump output to file system like “SELECT INTO OUTFILE”
  2. User can still have permissions to system commands like xp_cmdshell

Another problem with read-only db is enumeration. Tables may not store anything sensitive, but an attacker can request a database version and applied patches through Select statement. DB version can be not vulnerable or not really exploitable from outside but still…

    Dmitry Dmodeus

    Written by