Collaborate Disseminate
I am trying to perform sqlmap locally and testing my website
When I run vulnerability scanner, it shows SQL injection error with HTTP like this
GET /index.php/search/FB3hw7”””’/assets/assets/assets/assets/assets/assets/assets/assets/a… Continue reading Sqlmap asking for query String
I have just launched our brand new blog website (php/mysql). I don’t have any idea about cyber security. Yesterday we published a topic on coronavirus vaccine. I just noticed a new post is sitting on the home page Title: “Mr.Krungzx” and u… Continue reading A New Blog Post is showing on top of my home page from Unknown user cyberanon – How to Remove the post? [closed]
I have just launched our brand new blog website (php/mysql). I don’t have any idea about cyber security. Yesterday we published a topic on coronavirus vaccine. I just noticed a new post is sitting on the home page Title: “Mr.Krungzx” and u… Continue reading A New Blog Post is showing on top of my home page from Unknown user cyberanon – How to Remove the post? [closed]
I have come across a CTF challenge that has a part with an SQL injection (MySQL DB). I have completed it, but I do not know why or how the injection works.
The query in the PHP application would probably be like this:
SELECT * FROM users… Continue reading Whats the meaning of ] symbol in a SQL query?
If I want to deploy a Laravel WebApp using MySQL DB on a VPS like DigitalOcean, Vultr or similar platforms, should I separate the VPS into WebApp VPS and MySQL VPS? Is it more secure?
And what if I separate the Laravel project into AdminPr… Continue reading Is it more secure if I separate VPS into WebApp/MySQL VPS & separating WebApp projects into Admin/User projects
Whenever I try SQL injection payloads into the login form of my test website, I just get the following error, nothing changes apart from the error, please suggest how to proceed further:
You have an error in your SQL syntax; check the man… Continue reading Manual SQL Injection: Unable to get further errors in SQL injection testing
Malware campaign targets global manufacturers that are still dependent on Windows 7 subsystems to run fleets of IoT endpoints. Continue reading New Lemon Duck Malware Campaign Targets IoT, Large Manufacturers
I had a task to create a MiniCTF event in which I created a challenge to solve using SQLi. Now my final output that the database spits out has a left arrow character (<) in it. While displaying it, the database only prints everything be… Continue reading CTF: Special Character in MySQL Database [closed]
MySQL’s old mysql_native_password hashing scheme was the equivalent of this in PHP:
sha1(sha1(‘password’, true));
That’s a hex-encoded SHA-1 hash of a binary SHA-1 hash of the password, without any salting.
MySQL 8.0 introduced a two… Continue reading What’s the algorithm behind MySQL’s sha256_password hashing scheme?
I have a local application which will be accessible only after login. Its single URL application, URL of application won’t change, just it use ‘XMLHttpRequest’ to refresh the content of screen based on action and other parameters.