Several 0day exploits for MySQL and not only from @Kingcope
Three days ago (December 2), Kingcope suddenly published several exploits (including 0day), mainly for MySQL (win / linux)
Most exploits for MySQL require an already created user.
MySQL (Linux) Database Privilege Elevation Zeroday Exploit demonstration
Some exploits are already ported to module-exploits for MetaSploit ( [1] , [2] )
')
According to reviews, exploits work. As Kingcope itself writes, its MySQL exploits have been tested on the latest versions of packages in Debian Lenny, SUSE and openSUSE distributions.
- IBM System Director Remote System Level Exploit
- MySQL (Linux) Heap Based Overrun PoC Zeroday
- MySQL Denial of Service Zeroday PoC
- MySQL (Linux) Database Privilege Elevation Zeroday Exploit
- MySQL 5.1 / 5.5 WiNDOWS REMOTE R00T (mysqljackpot)
- MySQL (Linux) Stack Based Buffer Overrun PoC Zeroday
- MySQL Remote Preauth User Enumeration Zeroday
- MySQL Windows Remote System Level Exploit (Stuxnet technique) 0day
- FreeSSHD Remote Authentication Bypass Zeroday Exploit
- FreeFTPD Remote Authentication Bypass Zeroday Exploit
- SSH.com Communications SSH Tectia Authentication Bypass Remote Zeroday Exploit
Most exploits for MySQL require an already created user.
MySQL (Linux) Database Privilege Elevation Zeroday Exploit demonstration
Some exploits are already ported to module-exploits for MetaSploit ( [1] , [2] )
')
According to reviews, exploits work. As Kingcope itself writes, its MySQL exploits have been tested on the latest versions of packages in Debian Lenny, SUSE and openSUSE distributions.
Source: https://habr.com/ru/post/161411/
All Articles