CVE-2016-6662 PoC — Oracle MySQL 远程代码执行漏洞/提权漏洞

Source

https://github.com/boompig/cve-2016-6662

Associated Vulnerability

Title:Oracle MySQL 远程代码执行漏洞/提权漏洞 (CVE-2016-6662)
Description:Oracle MySQL是美国甲骨文（Oracle）公司的一套开源的关系数据库管理系统。该数据库系统具有性能高、成本低、可靠性好等特点。 Oracle MySQL中的配置文件（my.cnf）存在远程代码执行漏洞。攻击者（本地或远程）可通过授权访问MySQL数据库（网络连接或类似phpMyAdmin的Web接口）或SQL注入方式，利用该漏洞向配置文件中注入恶意的数据库配置，导致以root权限执行任意代码，完全控制受影响的服务器。以下版本受到影响:Oracle MySQL 5.5.52及之前的版本，5.6.x

Readme

## About

Some help to explot CVE-2016-6662

## Warnings

Make sure to change the attacker IP in the c file before compiling

## Credit

All credit to original discoverer.

Writeups here:
http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

Discussion here:
https://www.reddit.com/r/netsec/comments/52dgxh/mysql_remote_root_code_execution_privilege/

Files originally hosted here:
https://legalhackers.com/exploits/CVE-2016-6662/0ldSQL_MySQL_RCE_exploit.py
http://legalhackers.com/exploits/mysql_hookandroot_lib.c

File Snapshot


 [4.0K]  /data/pocs/564e0bde49892489b1cb7bae810566bab6cee724
├── [ 10K]  0ldSQL_MySQL_RCE_exploit.py
├── [ 305]  Makefile
├── [ 145]  mysql_hookandroot.c
├── [3.6K]  mysql_hookandroot_lib.c
├── [  26]  mysql_hookandroot_lib.h
└── [ 565]  README.md

0 directories, 6 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!