In case we have file access it's always a good idea to:
-
attempt writing a webshell into the webroot
-
exfil server config, logs, source, or SSH keys
--dump-file=DUMP.. Store dumped data to a custom file
--dump-format=DU.. Format of dumped data (CSV (default), HTML or SQLITE)
--file-read=FILE.. Read a file from the back-end DBMS file system
--file-write=FIL.. Write a local file on the back-end DBMS file system
--file-dest=FILE.. Back-end DBMS absolute filepath to write to
# EXAMPLE
--file-write=/path/to/local/file \
--file-dest="/var/www/html/shell.php