Phpmyadmin Hacktricks [2021] 【Works 100%】

An attacker executes a SQL query containing PHP code, such as SELECT ''; .

If you have gained access to PhpMyAdmin, you can escalate privileges. phpmyadmin hacktricks

: Local File Inclusion (LFI) allows executing PHP by including the session file (see Medium write-up ). An attacker executes a SQL query containing PHP

1️⃣ – Try root:root , root:"" , pma:"" , root:password such as SELECT ' '