MySQL/MariaDB/Percona - Race Cond CVE-2016-6663 & Root PrivEsc CVE-2016-6664 PoC Exploits
[Youtube Data] Public Data - [CVE-2016-6663 & CVE-2016-6664 : Exploits]
์ ๋ชฉ : MySQL/MariaDB/Percona - Race Cond CVE-2016-6663 & Root PrivEsc CVE-2016-6664 PoC Exploits
์ฃผ์ : ํ ์คํธ ์ด์ธ์ ๋ชฉ์ ์ผ๋ก ๋ฐ์ ๋๋ ๋ฌธ์ ์ ์ ๋ํด์๋ ํ๋ก๊ทธ๋จ์ ์ฌ์ฉํ๋ ์ฌ์ฉ์๊ฐ ์ฑ ์์ ์ง์ ์ผ ํ๋ค๋ ๊ฒ์ ์๋ ค ๋๋ฆฝ๋๋ค.
Disclaimer: I am not responsible for any damage done using this tool. This tool should only be used for educational purposes and for penetration testing.
๋ด์ฉ :
๊ณต๊ฒฉ์๋ CVE-2016-6663 ์ทจ์ฝ์ ์ ์ด์ฉํ์ฌ ์น ์ฌ์ฉ์ ๊ถํ ํ๋ ํ๊ณ CVE-2016-6664 ์ทจ์ฝ์ exploit ์ ํตํด root ๊ถํ์ ํ๋ ํ๋ ๋ฐฉ๋ฒ ์ ๋๋ค.
ํด๋น ์ทจ์ฝ์ ์ ๋ค์ํ ๋ฒ์ ์์ ๋ฐ์ ๋ฉ๋๋ค.
--- CVE-2016-6663 ---
MariaDB [5.5.52 , 10.1.18 , 10.0.28]
MySQL [5.5.51 , 5.6.32 , 5.7.14]
Percona Server [5.5.51-38.2 , 5.6.32-78-1 , 5.7.14-8]
Percona XtraDB Cluster [5.6.32-25.17 , 5.7.14-26.17 , 5.5.41-37.0]
--- CVE-2016-6664 ---
MySQL [5.5.51 , 5.6.32 , 5.7.14]
MariaDB [ All current ]
Percona Server [5.5.51-38.2 , 5.6.32-78-1 , 5.7.14-8]
Percona XtraDB Cluster [5.6.32-25.17 , 5.7.14-26.17 , 5.5.41-37.0]
ํด๊ฒฐ๋ฐฉ์์ผ๋ก๋ ์ต์ ๋ฒ์ ์ ๋ณด์ ์ ๋ฐ์ดํธ ์ํ ํ์๊ธฐ ๋ฐ๋๋๋ค.
Description :
MySQL / MariaDB / Percona - PoC/Demo Exploit Video for the following vulns:
Race Condition (CVE-2016-6663 / CVE-2016-5616)
Root Privilege Escalation (CVE-2016-6664 / CVE-2016-5617)
In the video, first, exploitation of CVE-2016-6663 Race Condition vuln is shown on 3 different hosts running MySQL, MariaDB and Percona in their default configuration leading to escalation of privileges to mysql system user (mysql shell).
Finally, the exploitation of CVE-2016-6664 is shown on the last target (running Percona database) - leading to escalation to root account (rootshell)
Last updated
Was this helpful?