Im not convinced you would get through the firewalls we use, so im a bad example, but yeah exactly that point in principle.

Its even simpler than that though if you have full database access, just enter any fucking IP you want into the database next to whatever reply you want, looking at the data after its been hacked is utterly fucking pointless, it will show whatever the hacker wants it to show, simple as that!