Use of Mysql database UDF security issues

I have been on vacation recently. I have not written a blog, but I still have the last day in my eye. The time is really fast. Today I want to talk about database security. For database security issues, first of all, important generated databases must not be stored on the public network.

I have been on vacation recently. I have not written a blog, but I still have the last day in my eye. The time is really fast. Today I want to talk about database security. For database security issues, first of all, important generated databases must not be stored on the public network.

I have been on vacation recently. I have not written a blog, but I still have the last day in my eye. The time is really fast. Today I want to talk about database security.

For database security issues, first of all, important generated databases must not be stored on the public network. Once hacked, data is lost if the consequences are unimaginable, remove your pants (the whole database is packaged and exported). If the user's password is stored in plain text, it is terrible, last year, the user data leaks on several large websites were caused by plaintext storage of users' passwords.

Second, a large number of weak Database Password problems exist. The cause of this problem is that sa or dba is negligent in security issues for convenience only.

I have no intention of scanning a mysql database with a weak password today. My topic also begins with this weak password mysql database. First, log on to the database remotely. It is still a weak password of the root user in the mysql database. You are welcome to enter the database and execute an SQL statement to view the IP address and the content of the/etc/passwd file.

View the functions supported by this udf library.

Create a function and check whether it is successfully created. You can see that a UDF named sys_eval is successfully created.

Finally, use UDF to execute functions with higher Permissions

The rest is to use this UDF to obtain system permissions, prompting that you can use nc to bounce back, execute nc-vv-l-p 12345 on your host, and execute SQL statements on the database.

Then, the linux shell will be displayed. However, the usage of udfs also has limitations. You need to have operation permissions for the mysql database. You must have func tables in the mysql database. When skipgranttables is enabled, udfs will be disabled.

PS: mysqludf.sois an existing database file, which generates udf.txt with the help of the statement. Execute the following SQL statement.

Mysql> select hex (load_file ('/usr/lib/mysqludf. so') into outfile'/tmp/udf.txt '; Query OK, 1 row affected (0.04 sec)

This article is from the "Old Xu's Private food" blog and will not be reposted!