Advanced MySQL Exploitation

Presented at DEF CON 17 (2009), July 31, 2009, 2:30 p.m. (20 minutes)

This talk focuses on how MySQL SQL injection vulnerabilities can be used to gain remote code execution on the LAMP and WAMP environments. Attackers performing SQL injection on a MySQL platform must deal with several limitations and constraints. For example, the lack of multiple statements in one query makes MySQL an unpopular platform for remote code execution compared to other platforms. This talk will show that arbitrary code execution is possible on the MySQL platform and explain the techniques. In this presentation, the author will release a new tool titled MySqloit. This tool can be integrated with metasploit and is able to upload and execute shellcodes using a SQL Injection vulnerability in LAMP or WAMP environments.

Presenters:

• Muhaimin Dzulfakar - Security Consultant, security-assessment.com
  Muhaimin Dzulfakar is a Security Consultant for Security-Assessment.com, located in Wellington, New Zealand. His primary duties include network and application penetration testing. Muhaimin Dzulfakar has a bachelor degree in Software Engineering from Multimedia University, Kuala Lumpur where he developed his own Intrusion Detection System. His research interests include exploit development methods and post exploitation process.

Links:

• https://defcon.org/html/defcon-17/dc-17-speakers.html#Dzulfakar
• https://infocon.org/cons/DEF CON/DEF CON 17/DEF CON 17 video and slides/DEF CON 17 - Muhaimin Dzulfakar - Advanced MySQL Exploitation - Video and Slides.mp4 (Video and Slides)
• https://www.youtube.com/watch?v=9zG8y_u-VlU

Similar Presentations:

• GrrCON 2016 / Quick and Easy Windows Timelines with Pyhon, MySQL, and Shell Scripting
• DEF CON 12 (2004) / MySQL Passwords - Password Strength and Cracking
• DEF CON 16 (2008) / Time-Based Blind SQL Injections Using Heavy Queries: A Practical Approach to MS SQL Server, MS Acess, Oracle, MySQL Databases and Marathon Tool