|
Full Disclosure
mailing list archives
Re: MySQL (Linux) Database Privilege Elevation Zeroday Exploit
From: kai () rhynn net
Date: Tue, 04 Dec 2012 07:25:32 +0700
Hi all,
wrote some shitcode for mysql user&hash enumeration when having FILE
privilege. surely you could do it with simple bash one-liner using
mysql+grep+sed, but we're not going the easy way, right?
the first thought was "hey, what about changing root password directly
in file user.MYD?" but then...
file_name cannot be an existing file, which among other things
prevents files such as /etc/passwd and database tables from being
destroyed.
anyway we have Nvidia cards and Hashcat.
Cheers,
Kai
Attachment:
mysql_file.php
Description:
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
|
