Created
January 20, 2019 21:15
-
-
Save mttjohnson/7f3e2fd6fe28b5c10ea48106f0a0dd1d to your computer and use it in GitHub Desktop.
MySQL File Security Testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| select @@secure_file_priv; | |
| select @@local_infile; | |
| CREATE TABLE load_data_local_infile ( | |
| file_id int unsigned not null auto_increment primary key, | |
| content text not null | |
| ); | |
| CREATE TABLE load_file ( | |
| file_id int unsigned not null auto_increment primary key, | |
| file_name varchar(255) not null, | |
| content text not null | |
| ); | |
| -- load file from the system the mysql client is running from | |
| LOAD DATA LOCAL INFILE '/etc/my.cnf' | |
| IGNORE | |
| INTO TABLE `test`.`load_data_local_infile` | |
| CHARACTER SET utf8 | |
| FIELDS | |
| TERMINATED BY '\n' | |
| OPTIONALLY ENCLOSED BY '"' | |
| IGNORE 1 LINES | |
| (content) | |
| ; | |
| -- load file from mysql host | |
| INSERT INTO load_file values ( | |
| NULL, | |
| '/etc/my.cnf', | |
| LOAD_FILE('/etc/my.cnf') | |
| ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment