pwny.cc
Search…
MySQL
Some of the queries in the table below can only be run by an admin. These are marked with (PRIV) at the description.

Version

1
SELECT @@version;
Copied!

Comments

1
SELECT 1; #comment
2
SELECT /*comment*/1;
Copied!

Current User

1
SELECT user();
2
SELECT system_user;
Copied!

List Users (PRIV)

1
SELECT user FROM mysql.user;
Copied!

List Password Hashes (PRIV)

1
SELECT host, user, password FROM mysql.user;
Copied!

List Privileges (PRIV)

1
#List user privileges
2
SELECT grantee, privilege_type, is_grantable FROM information_schema.user_privileges
3
4
#List privs on databases (schemas)
5
SELECT grantee, table_schema, privilege_type FROM information_schema.schema_privileges;
6
7
#List privs on columns
8
SELECT table_schema, table_name, column_name, privilege_type FROM information_schema.column_privileges;
Copied!

List DBA Accounts (PRIV)

1
SELECT grantee, privilege_type, is_grantable FROM information_schema.user_privileges WHERE privilege_type = 'SUPER';
2
SELECT host, user FROM mysql.user WHERE Super_priv = 'Y';
Copied!

Current Database

1
SELECT database();
Copied!

List Databases

1
SELECT schema_name FROM information_schema.schemata;
2
SELECT distinct(db) FROM mysql.db
Copied!

List Tables

1
SELECT table_schema,table_name FROM information_schema.tables WHERE table_schema != 'mysql' AND table_schema != 'information_schema'
Copied!

List Columns

1
SELECT table_schema, table_name, column_name FROM information_schema.columns WHERE table_schema != 'mysql' AND table_schema != 'information_schema'
Copied!

Find Tables from Column Name

1
#If you want to list all the table names that contain a column LIKE '%password%':
2
SELECT table_schema, table_name FROM information_schema.columns WHERE column_name = 'password';
Copied!

Hostname, IP Address

1
SELECT @@hostname;
Copied!

Create Users (PRIV)

1
CREATE USER test1 IDENTIFIED BY 'pass1';
Copied!

Delete Users (PRIV)

1
DROP USER test1;
Copied!

Make User DBA (PRIV)

1
GRANT ALL PRIVILEGES ON *.* TO test1@'%';
Copied!

Location of DB Files

1
SELECT @@datadir;
Copied!

Read Files (PRIV)

1
SELECT LOAD_FILE('/etc/passwd');
Copied!

Write Files (PRIV)

1
SELECT * FROM mytable INTO dumpfile '/tmp/somefile';
Copied!
Last modified 8mo ago