Phpmyadmin Hacktricks Work Jun 2026
For those looking to assess the security of installations, HackTricks
If the database user has the FILE privilege and the PHP configuration allows it, you can read local server files using SQL queries executed inside the phpMyAdmin console:

SELECT LOAD_FILE('/etc/passwd');

Writing a Web Shell (INTO OUTFILE)
Often displayed on the main login page or the dashboard after authenticating.
HackTricks phpMyAdmin focuses on reconnaissance, gaining access, and post-exploitation techniques to elevate privileges or execute code.

Reconnaissance and Versioning

Version Detection
A flaw in the page filtering utility allows an authenticated user to include arbitrary files from the server.
Attackers frequently check for default or weak credentials (e.g., with no password).

Version Identification
Try sending malformed requests. If you get a generic 403 instead of 200/302, a WAF may be protecting the path.
Rename /phpmyadmin to a non-obvious name.
Use this guide only on systems you own or have explicit permission to test. Unauthorized access to phpMyAdmin or its underlying database is illegal.
phpMyAdmin can also be used to escalate privileges on a database server. For example, an attacker may use phpMyAdmin to create a new database user with elevated privileges.
Check for publicly accessible files like /README, /ChangeLog, or /Documentation.html.
If you have low-privileged access, check mysql.user or information_schema.USER_PRIVILEGES to identify high-privilege accounts to target.

2. Escalating to RCE
If phpMyAdmin is not on the root domain, network scanners frequently look for it at these common endpoints:

/phpmyadmin/
/phpMyAdmin/
/pma/
/admin/phpmyadmin/
/db/phpmyadmin/

2. Authentication Bypass and Credential Hunting