Exploitation Summary
EIP tracks 7 public exploits for CVE-2012-5613.
PoCs published by Metasploit, kingcope, Hood3dRob1n, including Metasploit module exploits/windows/mysql/mysql_mof.
AI-analyzed exploit summary This exploit abuses the MySQL FILE privilege on Windows to write a payload to the All Users Startup folder, achieving persistence. It requires valid MySQL credentials and targets Windows systems.
Description
MySQL 5.5.19 and possibly other versions, and MariaDB 5.5.28a and possibly other versions, when configured to assign the FILE privilege to users who should not have administrative privileges, allows remote authenticated users to gain privileges by leveraging the FILE privilege to create files as the MySQL administrator. NOTE: the vendor disputes this issue, stating that this is only a vulnerability when the administrator does not follow recommendations in the product's installation documentation. NOTE: it could be argued that this should not be included in CVE because it is a configuration issue.
Exploits (7)
This exploit abuses the MySQL FILE privilege on Windows to write a payload to the All Users Startup folder, achieving persistence. It requires valid MySQL credentials and targets Windows systems.
This Metasploit module exploits a file privilege misconfiguration in Oracle MySQL for Windows (CVE-2012-5613) to achieve arbitrary code execution as SYSTEM. It uploads a malicious MOF file and a payload executable to the target system via MySQL's DUMPFILE functionality.
This exploit leverages a MySQL privilege escalation vulnerability (CVE-2012-5613) by creating a malicious trigger file to elevate privileges of a low-privileged user to admin. It requires the attacker to have FILE privileges to write the trigger file and crashes the MySQL server to force a reload of the configuration.
This is a Ruby-based MySQL client tool that includes an exploit for CVE-2012-5613, a Linux MySQL privilege escalation vulnerability. It provides various MySQL interaction features, including file read/write, shell execution, and privilege escalation.
This is a Python script that automates the exploitation of CVE-2012-5613, a MySQL UDF (User-Defined Function) privilege escalation vulnerability. It compiles and loads a malicious UDF shared library to execute arbitrary code with root privileges.
This Metasploit module exploits a file privilege misconfiguration in MySQL for Windows (CVE-2012-5613) by uploading a malicious MOF file to achieve SYSTEM-level code execution. It requires valid MySQL credentials and targets Windows systems prior to Vista.
This Metasploit module exploits a file privilege misconfiguration in MySQL for Windows, allowing an authenticated attacker to write a malicious executable to the All Users Startup directory, achieving persistence and remote code execution upon user login.