Re: MySQL compromise

From: Marco Ivaldi (raptor@mediaservice.net)
Date: Tue Jan 15 2008 - 05:24:57 EST

• Next message: Marco Ivaldi: "Re: Testing ORACLE application"
• Previous message: Siim Põder: "Re: Simple Buffer Overflow"
• In reply to: Laszlo KLOCK: "Re: MySQL compromise"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Clone,

On Tue, 8 Jan 2008, Laszlo KLOCK wrote:

> Hi!
>
> It's possible with mysql UDF-s, like this one:
> http://www.0xdeadbeef.info/exploits/raptor_udf.c

On newer MySQL releases (starting from 4.1.10a and 4.0.24), you should use
this instead:

http://www.0xdeadbeef.info/exploits/raptor_udf2.c

If your target MySQL is running on Windows, you'll probably be able to use
this pre-packaged reverse shell and command execution UDF backdoor:

http://www.0xdeadbeef.info/exploits/raptor_winudf.tgz

Cheers,

-- 
Marco Ivaldi, OPST
Chief Security Officer    Data Security Division
@ Mediaservice.net Srl    http://mediaservice.net/
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------

• Next message: Marco Ivaldi: "Re: Testing ORACLE application"
• Previous message: Siim Põder: "Re: Simple Buffer Overflow"
• In reply to: Laszlo KLOCK: "Re: MySQL compromise"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:20 EDT