Once you have a low-privileged connection, the goal is to gain OS-level access or administrative control. Reading Local Files (LOAD_FILE)
If the MySQL user has the FILE privilege and the secure_file_priv configuration allows it (or is empty), you can read arbitrary files from the server's disk using a standard SELECT statement. mysql hacktricks verified
: Used to retrieve data by appending a UNION SELECT statement to the original query. Once you have a low-privileged connection, the goal
Once access is gained, several verified "HackTricks" can be employed to deepen the compromise. A. File System Interaction secure_file_priv Once you have a low-privileged connection
MySQL running as root or with file_priv + write access to plugin_dir .