When MySQL is injected into the database, we can use the built-in variables to get more mysql information. Let's take a look at the variables used by MySQL injection.
When we inject mysql database input points, we can obtain mysql related information through built-in functions such as version (), user (), database (), and password, in fact, we can use mysql built-in variables to get more mysql information during injection.
The version () can be written as @ version to read the version as a variable. In this way, other built-in variables cannot be written as variables.
Everyone should have used pangolin to inject injection points into the mysql database. Serious friends should know the information about the two variables basedir and datadir, in fact, more variables can be used during injection.
I sorted out a few items that can be used during injection and collected