In a typical penetration testing scenario targeting a legacy MySQL 5.0.12 instance, an ethical hacker might use automated tools like Metasploit to demonstrate risk.