CVE-2012-2122

This is a PHP-based scanner for CVE-2012-2122, which targets MySQL servers with weak authentication. It attempts to connect to MySQL instances using a random password and, if successful, dumps user credentials from the 'mysql.user' table.

This repository provides a writeup and environment setup for CVE-2012-2122, an authentication bypass vulnerability in MySQL/MariaDB due to incorrect handling of password comparisons. It includes instructions for reproducing the flaw using a brute-force approach.

This repository provides a Docker-based lab environment to demonstrate CVE-2012-2122, a MySQL authentication bypass vulnerability affecting versions 5.5.23 and earlier. It includes an automated flag generation script for training purposes.

This Go-based PoC exploits CVE-2012-2122, a MySQL authentication bypass vulnerability, by repeatedly attempting to connect with incorrect credentials. It retrieves user credentials from the 'mysql.user' table upon successful exploitation.

This exploit leverages a MySQL authentication bypass vulnerability (CVE-2012-2122) by repeatedly attempting to authenticate as 'root' with an incorrect password. The flaw in MySQL's memcmp implementation allows authentication to succeed after multiple failed attempts.

This Metasploit module exploits CVE-2012-2122, an authentication bypass vulnerability in MySQL/MariaDB, to dump username and password hashes. It uses a brute-force approach to bypass authentication by sending repeated login attempts with random passwords.