Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-6662 PoC — Oracle MySQL 远程代码执行漏洞/提权漏洞

Source
https://github.com/Ashrafdev/MySQL-Remote-Root-Code-Execution
Associated Vulnerability
Title:Oracle MySQL 远程代码执行漏洞/提权漏洞 (CVE-2016-6662)
Description:Oracle MySQL是美国甲骨文(Oracle)公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 Oracle MySQL中的配置文件(my.cnf)存在远程代码执行漏洞。攻击者(本地或远程)可通过授权访问MySQL数据库(网络连接或类似phpMyAdmin的Web接口)或SQL注入方式,利用该漏洞向配置文件中注入恶意的数据库配置,导致以root权限执行任意代码,完全控制受影响的服务器。以下版本受到影响:Oracle MySQL 5.5.52及之前的版本,5.6.x
Description
0ldSQL_MySQL_RCE_exploit.py (ver. 1.0) (CVE-2016-6662) MySQL Remote Root Code Execution / Privesc PoC Exploit    For testing purposes only. Do no harm.
Readme
"# MySQL-Remote-Root-Code-Execution"
File Snapshot

 [4.0K]  /data/pocs/27a7a88419f07930d915a241011c31a51c83d251
├── [ 39K]  description.txt
├── [8.5K]  rce_mysql.py
└── [  38]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.