Mysql Hacktricks Verified Portable Access

LOAD DATA LOCAL INFILE '/etc/passwd' INTO TABLE temp_table FIELDS TERMINATED BY '\n';

If secure_file_priv is empty (allowed) or points to a writable dir: mysql hacktricks verified

If secure_file_priv is set (prevents INTO OUTFILE / LOAD_FILE outside certain dirs), check its value: LOAD DATA LOCAL INFILE '/etc/passwd' INTO TABLE temp_table

~1 in 256 chance of success.

MySQL can issue HTTP requests via sys_exec() or SELECT ... INTO OUTFILE to write a port scanner script. But a verified light pivot: mysql hacktricks verified

Exploiting insecure defaults & exposed ports

-- View all connections SHOW PROCESSLIST;

Mysql Hacktricks Verified Portable Access

Latest News