{"id":13575892,"url":"https://github.com/4ra1n/mysql-fake-server","last_synced_at":"2025-04-04T23:30:57.630Z","repository":{"id":174001131,"uuid":"640852874","full_name":"4ra1n/mysql-fake-server","owner":"4ra1n","description":"MySQL Fake Server (pure Java implementation, with GUI and command-line versions, a Dockerfile, and support for several common JDBC exploits)","archived":true,"fork":false,"pushed_at":"2023-09-18T15:13:23.000Z","size":951,"stargazers_count":679,"open_issues_count":4,"forks_count":77,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-11-05T11:44:42.547Z","etag":null,"topics":["fake-server","jdbc","mysql","vulnerability","web-security"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/4ra1n.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.MD","contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2023-05-15T09:06:44.000Z","updated_at":"2024-11-04T04:15:47.000Z","dependencies_parsed_at":"2024-01-16T20:27:57.222Z","dependency_job_id":"d615c08b-e7c4-40bb-b7a8-6007eaa830a1","html_url":"https://github.com/4ra1n/mysql-fake-server","commit_stats":null,"previous_names":["4ra1n/mysql-fake-server"],"tags_count":4,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4ra1n%2Fmysql-fake-server","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4ra1n%2Fmysql-fake-server/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4ra1n%2Fmysql-fake-server/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/4ra1n%2Fmysql-fake-server/manifests","owner_url":"https://repos.ecosyste.ms/api
/v1/hosts/GitHub/owners/4ra1n","download_url":"https://codeload.github.com/4ra1n/mysql-fake-server/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247266475,"owners_count":20910831,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["fake-server","jdbc","mysql","vulnerability","web-security"],"created_at":"2024-08-01T15:01:05.180Z","updated_at":"2025-04-04T23:30:53.669Z","avatar_url":"https://github.com/4ra1n.png","language":"Java","funding_links":[],"categories":["Java","红队\u0026渗透测试"],"sub_categories":[],"readme":"# MySQL Fake Server\n\n![](https://img.shields.io/badge/build-passing-brightgreen)\n![](https://img.shields.io/badge/build-Java%208-orange)\n![](https://img.shields.io/github/downloads/4ra1n/mysql-fake-server/total)\n![](https://img.shields.io/github/v/release/4ra1n/mysql-fake-server)\n\n[English Version](doc/README.md)\n\n## 0x00 Introduction\n\nThis project is an advanced version of [MySQL_Fake_Server](https://github.com/fnmsd/MySQL_Fake_Server).\n\nWhen the `JDBC URL` is controllable, a specially crafted `MySQL` server can read arbitrary files from the `JDBC` client or trigger deserialization on it.\n\nPart of the `MySQL` protocol is implemented entirely in `Java`, with the common `ysoserial` chains built in; it starts with one click and automatically generates usable `payload`s for testing.\n\nFollowing the [MySQL_Fake_Server](https://github.com/fnmsd/MySQL_Fake_Server) project, the `payload` is passed in the `user` parameter. Deserialization payloads start with `deser_` and follow the rule `deser_[gadget]_[cmd]`; file reads start with `fileread_` and follow the rule `fileread_[name]`.\n\nBecause some file names or commands contain special characters, passing the value as `base64` is supported: `base64`-encode the original `user` value and prefix it with `base64`. For example, `user=deser_CB_calc.exe` is equivalent to `user=base64ZGVzZXJfQ0JfY2FsYy5leGU=`.\n\nBy default, files are saved under `fake-server-files` in the current directory, in a directory named after the current timestamp (the directory is created automatically).\n\nNote: if the file read feature does not read a file completely, retry and the file will be read in full.\n\nCustom deserialization `gadget`s are supported since version `0.0.3`.\n\n![](img/004.png)\n\n`PostgreSQL RCE` is supported since version `0.0.4`.\n\n![](img/005.png)\n\n`Slave`-based RCE against `Apache Derby` is supported since version `0.0.4`.\n\n![](img/006.png)\n\n\n## 0x01 GUI\n\nUse the `GUI` version to start with one click; once it is running, enter the parameters for your environment to generate the `payload`.\n\nStart: `java -jar fake-mysql-gui.jar`\n\n![](img/001.png)\n\n## 0x02 CLI\n\nWhen your environment does not allow the `GUI` version, start the command-line version instead; you can still use the `GUI` to help generate the `payload`.\n\nStart: `java -jar fake-mysql-cli.jar -p [port]`\n\n![](img/002.png)\n\n## 0x03 Docker\n\nBuild: `docker build -t fake-mysql-server .`\n\nStart: `docker run -p 3306:3306 -d fake-mysql-server`\n\n![](img/003.png)\n\n## 0x05 Other\n\nHow to test:\n\n```java\n    String url = \"jdbc:mysql://...\";\n    try {\n        Class.forName(\"com.mysql.jdbc.Driver\");\n        // Class.forName(\"com.mysql.cj.jdbc.Driver\");\n        DriverManager.getConnection(url);\n    } catch (Exception e) {\n        e.printStackTrace();\n    }\n```\n\n## 0x06 Disclaimer\n\nThis project is intended only for security research and learning; any illegal use is prohibited.\n\nIf you engage in any illegal activity while using this project, you bear the consequences yourself.\n\nUnless you have fully read, completely understood and accepted this agreement, please do not use this project.\n\n## 0x07 Acknowledgements and References\n\n- https://github.com/frohoff/ysoserial\n- https://github.com/fnmsd/MySQL_Fake_Server\n- https://pyn3rd.github.io/2022/06/06/Make-JDBC-Attacks-Brillian-Again-I/\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F4ra1n%2Fmysql-fake-server","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F4ra1n%2Fmysql-fake-server","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F4ra1n%2Fmysql-fake-server/lists"}