Share
## https://sploitus.com/exploit?id=44B68D28-9770-5F9D-B248-D4C72B955E06
This is a PoC exploit for CVE-2019-8695, which is a vulnerability in the MySQL server that allows authentication without knowing the cleartext password. The exploit targets the Secure Password Authentication plugin (aka `mysql_native_password`, the default method) used by MySQL. 

The target product/service is MySQL server, and the vulnerability class/vector is authentication bypass. The probable entry point is the `mysql_set_character_set` function in `sql-common/client.c`. Notable dependencies/tooling include the `uthash` library and the `openssl` library. The execution context is a network sniffing tool (`mysql-unsha1-sniff`) that intercepts a successful authentication handshake performed by a user. 

The preconditions for the exploit are to obtain a read-only access to the `mysql.user` table in the target database to fetch the hashed password for a given user, and to be able to intercept a successful authentication handshake performed by the aforementioned user. 

The expected impact of the exploit is to obtain a proper authenticated access to a MySQL server without knowing the cleartext password.