exploit the possibilities
Showing 1 - 25 of 77 RSS Feed

Files

MySQL Injection Whitepaper
Posted Jun 14, 2010
Authored by s4r4d0

Whitepaper on MySQL Injection.

tags | paper, sql injection
MD5 | 3b118779a00f06479c87f90b6938ddf6

Related Files

MySQL User-Defined (Linux) x32 / x86_64 sys_exec Privilege Escalation
Posted Jan 29, 2019
Authored by D7X

MySQL User-Defined (Linux) x32 / x86_64 sys_exec function local privilege escalation exploit.

tags | exploit, local
systems | linux
MD5 | 6836b2b8653660838622bcc3b783c738
MySQL Edit Table 1.0 SQL Injection
Posted Oct 22, 2018
Authored by Ihsan Sencan

MySQL Edit Table version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
MD5 | 19c3b4630111dd4e32c4693e85b43bd9
MySQL Smart Reports 1.0 Cross Site Scripting / SQL Injection
Posted May 23, 2018
Authored by Ozkan Mustafa Akkus

MySQL Smart Reports version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 1deb436274ece79190d4578f0b25e4ab
MySQL Blob Uploader 1.7 Cross Site Scripting / SQL Injection
Posted May 23, 2018
Authored by Ozkan Mustafa Akkus

MySQL Blob Uploader version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 0df31f3773a11ec980d7bbd206341fd6
MySQL Squid Access Report 2.1.4 Cross Site Scripting / SQL Injection
Posted Apr 18, 2018
Authored by Keerati T.

MySQL Squid Access Report version 2.1.4 suffers from cross site scripting and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, xss, sql injection
MD5 | 57dcbbb92acfac828907d96c7d9bebee
MySQL UDF Exploitation
Posted Feb 17, 2018
Authored by Osanda Malith

Whitepaper called MySQL UDF Exploitation.

tags | paper
MD5 | 274e9471a6448b9f3cf177b0869dd261
Oracle MySQL UDF Payload Execution
Posted Dec 22, 2017
Authored by Tod Beardsley, Bernardo Damele, h00die | Site metasploit.com

This Metasploit module creates and enables a custom UDF (user defined function) on the target host via the SELECT ... into DUMPFILE method of binary injection. On default Microsoft Windows installations of MySQL versions 5.5.9 and below, directory write permissions not enforced, and the MySQL service runs as LocalSystem. NOTE: This Metasploit module will leave a payload executable on the target system when the attack is finished, as well as the UDF DLL, and will define or redefine sys_eval() and sys_exec() functions.

tags | exploit
systems | windows
MD5 | bcf3d2156b2ec4dfa9eb9e73784fb039
MySQL G0ld Brute Forcing Utility
Posted Jun 20, 2017
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

MySQL G0ld is a program that issues brute force attacks against a MySQL Server using a supplied wordlist.

tags | tool, cracker
systems | windows
MD5 | e0087db2fc7abccc98bd40d8d96cf170
MySQL 5.6.35 / 5.7.17 Integer Overflow
Posted May 1, 2017
Authored by Rodrigo Marcos

MySQL versions 5.6.35 and below and 5.7.17 and below suffer from an integer overflow vulnerability.

tags | exploit, overflow
advisories | CVE-2017-3599
MD5 | b75b270cdc0e95780d2eb0566b2c31c7
MySQL File Uploader 1.0 SQL Injection
Posted Feb 7, 2017
Authored by Ihsan Sencan

MySQL File Uploader version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection, file upload
MD5 | 2b578f3df732e92d1d7b03346ac69305
MySQL OOB Hacking
Posted Jan 29, 2017
Authored by Osanda Malith

This is a paper that discussing MySQL OOB hacking techniques under Windows.

tags | paper
systems | windows
MD5 | f927be9e4e0c76f1ea9267c22544c206
MySQL / MariaDB / PerconaDB Root Privilege Escalation
Posted Nov 2, 2016
Authored by Dawid Golunski

MySQL-based databases including MySQL, MariaDB and PerconaDB are affected by a privilege escalation vulnerability which can let attackers who have gained access to mysql system user to further escalate their privileges to root user allowing them to fully compromise the system. The vulnerability stems from unsafe file handling of error logs and other files.

tags | exploit, root
advisories | CVE-2016-6664
MD5 | 73b41ab8c5b59bd8889f73c2538d4f62
MySQL 5.7.15 / 5.6.33 / 5.5.52 Remote Code Execution
Posted Sep 12, 2016
Authored by Dawid Golunski

MySQL versions 5.7.15 and below, 5.6.33 and below, and 5.5.52 and below suffer from remote root code execution and privilege escalation vulnerabilities.

tags | exploit, remote, root, vulnerability, code execution
advisories | CVE-2003-0150, CVE-2016-6662
MD5 | a33bd7f960992093ff0e37dd88d8076f
MySQL 5.5.45 64bit Local Credential Dislcosure
Posted Sep 5, 2016
Authored by Yakir Wizman

MySQL version 5.5.45 64-bit suffers from a local credential disclosure vulnerability.

tags | exploit, local, info disclosure
MD5 | 2812e4f1438b6f0e24edeecbd7ca8889
MySQL Overflows / Memory Corruption / Format String
Posted Jul 21, 2016
Authored by Nicholas Lemonias

MySQL versions 5.7.12 and below suffer from integer overflow, buffer overflow, memory corruption, and format string vulnerabilities.

tags | advisory, overflow, vulnerability
advisories | CVE-2016-3477
MD5 | 9ff046aa258bd477bb9020f04cba4c41
MySQL Procedure Analyse Denial Of Service
Posted May 28, 2016
Authored by Osanda Malith

MySQL Procedure Analyse denial of service exploit that affects versions up to 5.5.45.

tags | exploit, denial of service
advisories | CVE-2015-4870
MD5 | 1a85e20529f00c83a924fa4025add3b4
MySQL 5.6.24 Buffer Overflow
Posted Oct 7, 2015
Authored by Nicholas Lemonias

MySQL version 5.6.24 suffers from multiple buffer overflow vulnerabilities.

tags | exploit, overflow, vulnerability
advisories | CVE-2016-0546
MD5 | 7ef3230eff96f619204c48a4405001d3
MySQL Error Based SQL Injection Using EXP
Posted Aug 22, 2015
Authored by Osanda Malith

This paper discusses an overflow in the DOUBLE data type in MySQL.

tags | paper, overflow
MD5 | 6719c22c4e76623f9156b543969a0c83
Oracle MySQL for Microsoft Windows FILE Privilege Abuse
Posted Jan 12, 2015
Authored by sinn3r | Site metasploit.com

This Metasploit module takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers. This Metasploit module abuses the FILE privilege to write a payload to Microsoft's All Users Start Up directory which will execute every time a user logs in. The default All Users Start Up directory used by the module is Windows 7 friendly.

tags | exploit
systems | windows, 7
advisories | OSVDB-88118
MD5 | 01b957cce66f751708896b6c29334a0f
MySQL 5.0.x Denial Of Service
Posted Dec 5, 2013
Authored by Neil Kettle

MySQL version 5.0.x suffers from an IF query handling remote denial of service vulnerability.

tags | exploit, remote, denial of service
advisories | CVE-2007-2583, OSVDB-34734
MD5 | ccdb986362621ab28a3aa95d51452078
Oracle MySQL For Microsoft Windows MOF Execution
Posted Dec 7, 2012
Authored by Kingcope, sinn3r | Site metasploit.com

This Metasploit modules takes advantage of a file privilege misconfiguration problem specifically against Windows MySQL servers (due to the use of a .mof file). This may result in arbitrary code execution under the context of SYSTEM. However, please note in order to use this module, you must have a valid MySQL account on the target machine.

tags | exploit, arbitrary, code execution
systems | windows
advisories | CVE-2012-5613
MD5 | b018f0d01c159599ccc86e730647c227
Oracle MySQL User Account Enumeration Utility
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL suffers from a user enumeration vulnerability. This is a utility that demonstrates the issue.

tags | exploit
advisories | CVE-2012-5615
MD5 | 1f1d8075312eddb4eecfd8556cb24014
Oracle MySQL Windows Stuxnet Technique SYSTEM Exploit
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Windows remote exploit that leverages file privileges to obtain a SYSTEM shell.

tags | exploit, remote, shell
systems | windows
MD5 | c27279dbaad2797c961cf10a218675ee
Oracle MySQL 5.5.19-log Denial Of Service
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL version 5.5.19-log on SuSE Linux suffers from a denial of service vulnerability.

tags | exploit, denial of service
systems | linux, suse
advisories | CVE-2012-5614
MD5 | 42dabfd0d259adacd6ed7bb25e70ee3f
Oracle MySQL Privilege Escalation
Posted Dec 3, 2012
Authored by Kingcope

Oracle MySQL on Linux suffers from a vulnerability that allows an attacker to add a new admin user.

tags | exploit
systems | linux
advisories | CVE-2012-5613
MD5 | a021c33c9e1f8d6bf9f971fdab61fac2
Page 1 of 4
Back1234Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    32 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close