exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 77 RSS Feed

Files

MySQL 5.0.x Denial Of Service
Posted Dec 5, 2013
Authored by Neil Kettle

MySQL version 5.0.x suffers from an IF query handling remote denial of service vulnerability.

tags | exploit, remote, denial of service
advisories | CVE-2007-2583, OSVDB-34734
SHA-256 | fbd9482c8025c99f1db3846350ceee2b43d7498a1499d6e009ebd5dfd16c551d

Related Files

MySQL User-Defined (Linux) x32 / x86_64 sys_exec Local Privilege Escalation
Posted Aug 29, 2021
Authored by ninpwn

MySQL User-Defined (Linux) x32 / x86_64 sys_exec local privilege escalation exploit.

tags | exploit, local
systems | linux
SHA-256 | b562e8e6d56c7d3e2e28cd769077d9508fabb758d9e5d8db0035cde951f5ab11
MySQL User-Defined (Linux) x32 / x86_64 sys_exec Privilege Escalation
Posted Jan 29, 2019
Authored by D7X

MySQL User-Defined (Linux) x32 / x86_64 sys_exec function local privilege escalation exploit.

tags | exploit, local
systems | linux
SHA-256 | 84eacee611d9f2e6ea453e965b21ff87f7108be2012a03c08d64b8c9bced5a57
MySQL Edit Table 1.0 SQL Injection
Posted Oct 22, 2018
Authored by Ihsan Sencan

MySQL Edit Table version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | 8a3456c75957395a22a2a8ae80d668ad8b82507421bd39c72b28a4451650a93e
MySQL Smart Reports 1.0 Cross Site Scripting / SQL Injection
Posted May 23, 2018
Authored by Ozkan Mustafa Akkus

MySQL Smart Reports version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | f84eda3271059f08b9a99d7263f73d44a340114c34afcf6977c66cad9edbd3c7
MySQL Blob Uploader 1.7 Cross Site Scripting / SQL Injection
Posted May 23, 2018
Authored by Ozkan Mustafa Akkus

MySQL Blob Uploader version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | 6fd698eb967b90203eea6bb081322800c08e24edea9eb038620a0aa69d08f339
MySQL Squid Access Report 2.1.4 Cross Site Scripting / SQL Injection
Posted Apr 18, 2018
Authored by Keerati T.

MySQL Squid Access Report version 2.1.4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
SHA-256 | cbe30d6907b93bb949d78cd6be272974741d9bc7e24f6af3e6d7f45b78e0342e
MySQL UDF Exploitation
Posted Feb 17, 2018
Authored by Osanda Malith

Whitepaper called MySQL UDF Exploitation.

tags | paper
SHA-256 | e3f1baa170d27afb7c63c85824246d5dacb72df1f9b55d3c574624348aab3380
Oracle MySQL UDF Payload Execution
Posted Dec 22, 2017
Authored by Tod Beardsley, Bernardo Damele, h00die | Site metasploit.com

This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave a payload executable on the target system when the attack is finished, as well as the UDF DLL, and will define or redefine sys_eval() and sys_exec() functions.

tags | exploit
systems | windows
SHA-256 | e271ecc64a4930d48b45420b13646e62bddc742c830913aff948fcd6de464829
MySQL G0ld Brute Forcing Utility
Posted Jun 20, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MySQL G0ld is a program that issues brute force attacks against a MySQL Server using a supplied wordlist.

tags | tool, cracker
systems | windows
SHA-256 | 299eef0e652415b8c1f3b2d435260b6ddfbe06b4ae900d2b7804cb6a236d4c68
MySQL 5.6.35 / 5.7.17 Integer Overflow
Posted May 1, 2017
Authored by Rodrigo Marcos

MySQL versions 5.6.35 and below and 5.7.17 and below suffer from an integer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-3599
SHA-256 | 0ee06e9ca07a91bdf300e8247f0088f5b1ec71f49b7ac4b052a8d6f34794a932
MySQL File Uploader 1.0 SQL Injection
Posted Feb 7, 2017
Authored by Ihsan Sencan

MySQL File Uploader version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, file upload
SHA-256 | ec9e40dffdbb652970312b51baae3ead6d08f2bcc5afc81bffb79478a5a6d6e1
MySQL OOB Hacking
Posted Jan 29, 2017
Authored by Osanda Malith

This is a paper that discussing MySQL OOB hacking techniques under Windows.

tags | paper
systems | windows
SHA-256 | 2247188880eb740f7ce4589272459ef60a338fc40904dccee82018aa011cdc78
MySQL / MariaDB / PerconaDB Root Privilege Escalation
Posted Nov 2, 2016
Authored by Dawid Golunski

MySQL-based databases including MySQL, MariaDB and PerconaDB are affected by a privilege escalation vulnerability which can let attackers who have gained access to mysql system user to further escalate their privileges to root user allowing them to fully compromise the system. The vulnerability stems from unsafe file handling of error logs and other files.

tags | exploit, root
advisories | CVE-2016-6664
SHA-256 | ee10c5cd536b7cd793ebaa9a73ff8ae60ef21aeb38f837d26de4bd6c0456a67a
MySQL 5.7.15 / 5.6.33 / 5.5.52 Remote Code Execution
Posted Sep 12, 2016
Authored by Dawid Golunski

MySQL versions 5.7.15 and below, 5.6.33 and below, and 5.5.52 and below suffer from remote root code execution and privilege escalation vulnerabilities.

tags | exploit, remote, root, vulnerability, code execution
advisories | CVE-2003-0150, CVE-2016-6662
SHA-256 | 5e8a01e26f616b7e322e11ee4900c798c738b94ceece89ba36e9df202cdc0496
MySQL 5.5.45 64bit Local Credential Dislcosure
Posted Sep 5, 2016
Authored by Yakir Wizman

MySQL version 5.5.45 64-bit suffers from a local credential disclosure vulnerability.

tags | exploit, local, info disclosure
SHA-256 | d5d580430a80f0c080da71316f664382b08040892691409270d49161773fb974
MySQL Procedure Analyse Denial Of Service
Posted May 28, 2016
Authored by Osanda Malith

MySQL Procedure Analyse denial of service exploit that affects versions up to 5.5.45.

tags | exploit, denial of service
advisories | CVE-2015-4870
SHA-256 | d572109b0189ecd815c569ad47520780444acf35842b036897634bb7c97017fb
MySQL Error Based SQL Injection Using EXP
Posted Aug 22, 2015
Authored by Osanda Malith

This paper discusses an overflow in the DOUBLE data type in MySQL.

tags | paper, overflow
SHA-256 | 994da41348fedec81430a33635725f5ef5bf21eaded32a286053dfd2938cf982
Oracle MySQL for Microsoft Windows FILE Privilege Abuse
Posted Jan 12, 2015
Authored by sinn3r | Site metasploit.com

This Metasploit module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers. This Metasploit module abuses the FILE privilege to write a payload to Microsoft's All Users Start Up directory which will execute every time a user logs in. The default All Users Start Up directory used by the module is Windows 7 friendly.

tags | exploit
systems | windows
advisories | OSVDB-88118
SHA-256 | 4f82b9e9bf5035178dee3ab985bc03afde702dd4e7ca3f166360be5aa2dd3474
Oracle MySQL For Microsoft Windows MOF Execution
Posted Dec 7, 2012
Authored by Kingcope, sinn3r | Site metasploit.com

This Metasploit modules takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers (due to the use of a .mof file). This may result in arbitrary code execution under the context of SYSTEM. However, please note in order to use this module, you must have a valid MySQL account on the target machine.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2012-5613
SHA-256 | 4bdddccff72e6f861ece38c09f5e2d07982390d9788ff9574617a88479fcf1dc
Oracle MySQL User Account Enumeration Utility
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL suffers from a user enumeration vulnerability. This is a utility that demonstrates the issue.

tags | exploit
advisories | CVE-2012-5615
SHA-256 | 8460a0977a201113cdd0cf16e055c51392db08aa506165c818a881ce632dbd1d
Oracle MySQL Windows Stuxnet Technique SYSTEM Exploit
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Windows remote exploit that leverages file privileges to obtain a SYSTEM shell.

tags | exploit, remote, shell
systems | windows
SHA-256 | 4a2e64891b58bc7a154f2b70367e520bd51dde3d72bf67966ad91a32725a0244
Oracle MySQL 5.5.19-log Denial Of Service
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL version 5.5.19-log on SuSE Linux suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | linux, suse
advisories | CVE-2012-5614
SHA-256 | e7b152542270e8ccb148f030520930976460470f663a3f3d19c5f09cba1871f5
Oracle MySQL Privilege Escalation
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Linux suffers from a vulnerability that allows an attacker to add a new admin user.

tags | exploit
systems | linux
advisories | CVE-2012-5613
SHA-256 | d1601135651994faddfc10c91567f145058d6d888036e2073e79b83518277a4f
Oracle MySQL Heap Overrun
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Linux suffers from a heap overrun vulnerability.

tags | exploit, overflow
systems | linux
advisories | CVE-2012-5612
SHA-256 | aa61b4faa2cc9c52276bbcea35e5861199148c06c5182c06981f429b55af2c0e
Oracle MySQL Server 5.5.19-log Stack-Based Overrun
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL versions 5.5.19-log and below for Linux suffer from a stack-based overrun. This exploit yields a shell as the mysql uid.

tags | exploit, overflow, shell
systems | linux
advisories | CVE-2012-5611
SHA-256 | 5230a2630c6fb8619813731a9429b6e733b55892232e63ae4cde28452b203583
Page 1 of 4
Back1234Next

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    0 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close