Reindl's (funny) comments aside. Why still use phpMyAdmin in this day and age. Nearly every maria/percona/mysql client supports ssh tunneling. SequelPro on Mac, Heidi (or others) on Windows, and any windows client running through wine if your desktop/laptop is linux. Also developers can just use intellij or similar IDE's that have a database pane.
Trusting administration to an exposed phpMyAdmin in this day and age frightens me greatly. Also if you had an HIDS server running to track bad phpMyAdmin logins i bet there would be a ton of alerts. I've blocked all such attempts in my IPS even though i don't have phpMyAdmin. I realize this does not answer your question, but if this fits into your architecture i'd say good by to that web interface. my $.02 On Wed, Apr 17, 2019 at 10:54 AM Reindl Harald <h.rei...@thelounge.net> wrote: > > > Am 17.04.19 um 16:50 schrieb Turritopsis Dohrnii Teo En Ming: > > Subject/Topic: How do I determine if versions of phpMyAdmin before 4.8.5 > is SQL Injectable using sqlmap? > > frankly are you drunken? > > you posted this exactly same message to > > * phpmyadmin list TWICE > * oracle mysql list > * now mariadb list > > i seriously looked if my mailserver has a problem - stop it damned! > > > _______________________________________________ > Mailing list: https://launchpad.net/~maria-discuss > Post to : maria-discuss@lists.launchpad.net > Unsubscribe : https://launchpad.net/~maria-discuss > More help : https://help.launchpad.net/ListHelp >
_______________________________________________ Mailing list: https://launchpad.net/~maria-discuss Post to : maria-discuss@lists.launchpad.net Unsubscribe : https://launchpad.net/~maria-discuss More help : https://help.launchpad.net/ListHelp
