CVE-2021-27928

This exploit leverages a vulnerability in MariaDB/MySQL's wsrep_provider configuration to execute arbitrary OS commands by loading a malicious shared object file. The PoC generates a reverse shell payload using msfvenom and triggers execution via a MySQL query.

This PoC demonstrates OS command execution in MariaDB/MySQL via the 'wsrep_provider' parameter by loading a malicious shared object file. It requires a reverse shell payload generated with msfvenom and execution via MySQL commands.

This PoC demonstrates a remote code execution vulnerability in MariaDB and Percona Server by leveraging an untrusted search path to execute arbitrary OS commands via modified wsrep_provider and wsrep_notify_cmd settings. The exploit involves uploading a malicious shared object file and triggering its execution through database configuration changes.

This repository provides a Dockerized environment for exploiting CVE-2021-27928, a vulnerability in MariaDB. It sets up a vulnerable MariaDB instance and installs Metasploit for exploitation.

This repository provides a proof-of-concept exploit for CVE-2021-27928, which allows OS command execution in MariaDB/MySQL via the `wsrep_provider` and `wsrep_notify_cmd` system variables. The exploit uses a reverse shell payload generated with `msfvenom` and leverages Docker for a controlled environment.