Identify database user privileges and perform RCE [DB: MySQL, Level: Advanced]
This lab demonstrates how to extract information from the database such as user privileges, user permissions, etc. using a MySQL function. It also shows how to read and write files on the file system and, perform remote code execution on the vulnerable instance.
Lab: Data extraction using MySQL functions.
Technique Used: Union query.