Description: In this video he will shows us how to bypass Oracle mysql Authentication. Using Metasploit auxiliary mysql authbypass hashdump. This exploits a password bypass vulnerability in mysql and we will receive username and encrypted password hashes from the mysql server.
More Information About This Vulnerability :-
http://eromang.zataz.com/2012/06/12/cve-2012-2122-oracle-mysql-authentication-bypass-password-dump-metasploit-demo/
https://community.rapid7.com/community/metasploit/blog/2012/06/11/cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql?utm_source=dlvr.it&utm_medium=twitter
http://www.itworldcanada.com/news/hackers-can-bypass-mysql-password-verification/145601
Tags: mysql , password , bypass ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.
This vulnerability affected almost all linux system. And very easy to exploit this vulnerability.
for other mysql related exploits please check
auxiliary/scanner/mysql/mysql_hashdump
auxiliary/scanner/mysql/mysql_login
auxiliary/scanner/mysql/mysql_schemadump
auxiliary/scanner/mysql/mysql_version