Home  >  Article  >  Database  >  How to escalate privileges in phpmyadmin through diary

How to escalate privileges in phpmyadmin through diary

藏色散人
藏色散人forward
2021-03-24 18:00:192543browse

The following tutorial column from phpmyadmin will introduce to you how to upgrade phpmyadmin through diary. I hope it will be helpful to friends in need!

How to escalate privileges in phpmyadmin through diary

##phpmyadmin Weak passwords are often seen. Today I will introduce how to provide phpmyadmin with weak passwords. right.

First of all, phpMyAdmin is a MySQL database management tool based on PHP and structured in Web-Base mode on the website host, allowing administrators to use the Web interface to manage MySQL databases. During the installation process, the default path is WWW/phpmyadmin

Obtain relevant information:


How to escalate privileges in phpmyadmin through diary As you can see, this is the integrated environment of phpstudy, and the general installation path is
disk/ File package/phpstudy The next step is to check the path of the website. I will introduce two types below:
The first one: through the probe:

How to escalate privileges in phpmyadmin through diary The above information can be It turns out that our absolute path is C:/phpstudy/phpstudy/WWW. Generally this is the root directory of the website, and the probe file is in subdirectory 12 under the root directory/This is also the path of phpmyadmin
The second type: Enter phpmysql and get the mysql directory through the sql command, and then infer the website path
The command is select @@basedir;

How to escalate privileges in phpmyadmin through diary It can be concluded that our mysql installation path is C:/ phpstudy/phpstudy/MySQL/, based on this we can infer that the root path of our website is C:/phpstudy/phpstudy/WWW

The next step is the expansion of privilege escalation MySQL global The value of the variable (general_log, general_log file).
general log refers to the log saving status. There are two values ​​(ON/OFF). ON means open and OFF means closed. general log file refers to the path where the log is saved.
You can use sql command
set global general_log = "ON"; #Turn on the log saving status
SET global general_log_file='c:/phpStudy/phpstudy/WWW/infos.php' #Modify the saving of the log Location

How to escalate privileges in phpmyadmin through diary里写图片描述

The next step is to write a sentence:


How to escalate privileges in phpmyadmin through diary里写图片描述 Successful connection:

Some people may ask why it is not one sentence after writing, but mixed with other statements


What we uploaded is PHP pony, in the connection During the process, read from the beginning, because the previous ones do not have the characteristics of php files.

The above is the detailed content of How to escalate privileges in phpmyadmin through diary. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:csdn.net. If there is any infringement, please contact admin@php.cn delete