o 1 introduction
o 2 infos
o 3 credits

_1__introduction___

this tool is very similar to SQLexec (the one with the green apple =Y).
it pipes your commands to the cmd and the feedback back to you.
the real vulnerability is a weak account with root privileges and not the UDF-method.
you can find further information at http://www.nextgenss.com/papers/HackproofingMySQL.pdf

_2__infos___

you can handle cmd like usual cmd.exe, but because of the mySQL syntax use \\ instead of \
(i’m too lazy to fix that :-M) f.e dir c:\\winnt\\system32\\
with the buttons you can create some usefull tools in a dir you want.
don’t know if it’s useful, but i included that for fun =Y
sometimes the function freezes due a overload.i dont know how to fix it - sorry for that!

_3__credits___

special thanks to br0mstar, keep up your good work m8 =Y
greetings to Gnu, norax^, TooStrong and to gso-irc (irc.governmentsecurity.org :-Z )