Explains how you can from a SQL injection gain access to the administration console, where you can then run commands on the system. From fingerprinting to injection, to cracking the md5 passwords, to writing a phpshell, where you can easily run commands.
src: pentesterlab.com