Extra:
You don't need to use sqlmap you can simply run the select statement in your browser it requires a bit more work tho.
A theory is that you can inject the full shellcode directly instead of first writing the uploader, the problems is that this specific shell is 268kB but maybe with a smaller shell
sqlmap is really powerful tool you can do shitt load of stuff with it here are some functions i find helpfull:
-o optimization
--threads=1-10 nr of threads (faster)
--dbms=mysql backend dbms (faster)
--level=1-5 more-tests
--risk=1-3 more-tests
--tor-port=xxxx connect through tor
--random-agent random user agent
--file-read=/etc/passwd read local file
--file-write=/etc/passwd write file to remote machine must be used with file-dest
--file-dest=/etc/passwd where to write the file-write
--os-shell like the sql-shell but system
--wizard for beginners
--check-waf Check for WAF/IPS/IDS protection
there are many more just check them out
The --file-read/write does not work most of the times maybe im doing something wrong thats why i use sql-shell to write files or do specific commands.
--os-shell is awesome, you cant write php code to disk tho.
well that was it i think, please share your thoughts/concerns or my mistakes
Nesta página do site você pode assistir ao vídeo on-line [Tutorial] SQLMap SQL Injection upload PHP Shell via Mysql duração hora minuto segundo em boa qualidade , que foi baixado pelo usuário VOX Bold 04 Julho 2015, compartilhe o link com seus amigos e conhecidos, no youtube este vídeo já foi visto 6,695 vezes e gostou 1 espectadores. Boa visualização!