Wednesday, June 13, 2012

Exploiting MySQL Authentication Bypass Vulnerability (CVE-2012-2122)

via @ampliasecurity: This week in videos: Exploiting MySQL Authentication Bypass Vulnerability (CVE-2012-2122) http://youtu.be/Mg5iUjOpusE?hd=1

Exploitation of this critical vulnerability is trivial and requires only to perform several authentication attempts with any password and a valid username until the MySQL server grants access.

After successful exploitation this exploit dumps information from the target MySQL server such as: version, available databases, password hashes of MySQL users to be cracked later, dumps some system files, in this example, /etc/password, etc. Depending on the configuration of the target MySQL server and privileges of the user selected other actions can be performed.

More information:
http://seclists.org/oss-sec/2012/q2/493
http://bugs.mysql.com/bug.php?id=64884
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2122

Friday, June 01, 2012

Exploiting Apache Struts ExceptionDelegator Vulnerability (CVE-2012-0391)

via @ampliasecurity: This week in videos: Exploiting Apache Struts ExceptionDelegator Vulnerability (CVE-2012-0391) http://youtu.be/YGCSJEZ7kPk?hd=1