Results 1 to 4 of 4

Thread: Mysql 4.1.22 exploit

  1. #1
    Just burned his ISO
    Join Date
    Jun 2010
    Posts
    1

    Default Mysql 4.1.22 exploit

    hi all,this is my first post here,
    i heard there is a vulnerability in the mysql_execute_command() function,and i wonder how can we abuse this vuln,
    and also what would be the cracker if i want to crack the root user for mysql 4.1.22,it is on a windows machine,[i think], cos of [nt] i'm not sure
    that is what nmap found:
    MySQL 4.1.22-community-nt (protocol 10)
    thanks for helping

  2. #2
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default Re: Mysql 4.1.22 exploit

    -2) Realize that you don't understand anything about Vulnerability Assessment or Penetration Testing methodology(ies). Take some training.
    -1) Realize that you're probably going to break something and cause problems for yourself, a business, other people.

    0) Since its your machine or a machine you have written/documented permission to test you obviously know if it's NT or not..... Or you have sufficient skills to otherwise deduct the OS type and perhaps version.

    1) Check if the vulnerability exists (Nessus? OpenVAS? SCUBA? etc).
    2) Read up about the vulnerability (Secunia, Mitre, etc)
    3) Find a exploit for the vulnerability (Metasploit?)
    4) Read up on how to use Metasploit (or whatever).
    5) Configure Metasploit (or whatever) and run the exploit.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  3. #3
    Member macphail's Avatar
    Join Date
    Jun 2010
    Location
    East Coast, USA
    Posts
    164

    Default Re: Mysql 4.1.22 exploit

    wow.
    i'm going to try to get this in before you get closed down...

    you obviously are messing with a system that isn't yours and you have no prior knowledge of. if we completely disregard the "spoon feed me, please" nature of your post, you are still so in danger of total failure here it isn't even funny. if this was an authorized pen-test, something tells me you wouldn't have to ask these fundamental questions.

    at this point you have a limited window of time to somehow prove that you have authorization to hack this system before the ArchAngel of smackdowns notices your existence.

    good luck with that....


    EDIT:
    Damnit! thorin is faster with the beatings than i am!
    Last edited by macphail; 09-27-2010 at 07:22 PM. Reason: thorin is the man.
    -----------
    ~peace
    MacPhail

  4. #4
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default Re: Mysql 4.1.22 exploit

    To late, I noticed first.....

Similar Threads

  1. Replies: 1
    Last Post: 06-25-2010, 02:49 AM
  2. Replies: 0
    Last Post: 03-24-2010, 10:01 PM
  3. Mysql configure fix
    By galeran in forum OLD BackTrack 4 Software Related Issues
    Replies: 0
    Last Post: 12-23-2009, 03:43 PM
  4. Mysql problem
    By bluster in forum OLD Newbie Area
    Replies: 6
    Last Post: 09-19-2008, 08:19 AM
  5. Sun buy MySQL
    By Re@lity in forum OLD General IT Discussion
    Replies: 4
    Last Post: 01-18-2008, 04:26 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •