Security Basics mailing list archives
Re: System Hacked from MySQL Insecurities
From: Kalpin Erlangga Silaen <kalpin () solonet co id>
Date: Fri, 07 Jan 2005 08:41:27 +0700
Dear Bernie,I am allowing port 3306 accessed from the outside world but I remove account which have NULL password. Actually I don't let mysql root password as default, but he can guess it (weak password). In my mind now is how can he get root shell from MySQL ? I was read mysql manual and there is possible to create file from OUTPUT SELECT and put any shellcode at there, but still own by mysql not root (this means is you can't set as setuid to root).
Or... I missing something ? bernie () e-mich com wrote:
Yes it is definately possible and easy to exploit MySQL. Are you allowing port 3306 to accept connections from the outside world? Also did you set a root password for root, as the deafult install does not? Are you runing a firewall, and if you are are you only allowing access to port 3306 from certain IP's or subnets. These are all questions that you should know the answer too or you sahould not be running a public database server. If you cannot answer these questions and need some help let me know, I will try to help if I can. B. Johnson Quoting Kalpin Erlangga Silaen <kalpin () solonet co id>:Dear all, several days ago, someone hacked my test box using the latest FreeBSD. He explained that he rooted my box because he knows my root mysql password. Is it possible to hack system via MySQL ? or he just tricked me and try hide his way ? I am using MySQL 4.0.18 for FreeBSD. My details system: OS: FreeBSD 5.1 MySQL version: 4.0.18 Port : 3306 I opened port 3306 from Internet, so people can use this if they have access/username to MySQL. Thank you. -- --- Kalpin Erlangga Silaen mailto: kalpin () solonet co id URL: http://www.warningnews.com YM: kalpinus MSN: kalpinus IRC: mesra.dal.net nick Kalpin---------------------------------------------------------------- This message was sent using IMP, the Internet Messaging Program.
-- --- Kalpin Erlangga Silaen mailto: kalpin () solonet co id URL: http://www.warningnews.com YM: kalpinus MSN: kalpinus IRC: mesra.dal.net nick Kalpin
Current thread:
- System Hacked from MySQL Insecurities Kalpin Erlangga Silaen (Jan 06)
- RE: System Hacked from MySQL Insecurities Shawn Wall (Jan 06)
- Re: System Hacked from MySQL Insecurities bernie (Jan 07)
- Re: System Hacked from MySQL Insecurities Kalpin Erlangga Silaen (Jan 07)
- Re: System Hacked from MySQL Insecurities Danux (Jan 07)
- <Possible follow-ups>
- RE: System Hacked From MySQL Insecurities Saint Anthony (Jan 07)
- RE: System Hacked from MySQL Insecurities Ed Gorski (Jan 07)
- RE: System Hacked from MySQL Insecurities Kalpin Erlangga Silaen (Jan 10)
- Re: System Hacked from MySQL Insecurities q q (Jan 14)
- RE: System Hacked from MySQL Insecurities Kalpin Erlangga Silaen (Jan 10)