Collaborate Disseminate
I was watching the DEFCON 17: Advanced SQL Injection video here.
At 15:00, when discussing the various classes and types of SQL injection attackS, the speaker stated
With MySQL you really only have Union-based and Blind
Provided the abov… Continue reading Why are MySQL injections more limited than MS-SQL attacks?
I am trying to complete an SQL injection CTF here.
I confirmed just adding a single ‘ mark at the end of the URL caused a MySQL syntax error, and following this tutorial, I could complete this challenge without any automated tools.
Here is… Continue reading sqlmap is encountering 403 forbidden
I am trying to understand The Pentester Lab challenge here at VulnHub.
After I translated this tutorial into English, at Exercise 2 I was presented with the following SQLi which completes the challenge:
http://pentesterlab/sqli/example2.ph… Continue reading Trying to understand this SQL injection from VulnHub
I am new to web security, and I need your help in confirming things. As the title says, I am looking for and researching for a safe way to take in user input that may contain special characters/HTML/bbcode/script tags and safely store it i… Continue reading Best way to store user input that has HTML tags and <script> tags and display it on client side as is but still being safe from mainstream attacks
I am injecting:
-35′ and updatexml(null,concat(0x3a,(0x0a,(select database()))),null)– –
and I am receiving:
Error 1 – Operand should contain 1 column(s)
Any idea how to fix this?
I am trying to get the database type.
References:
http:… Continue reading SQL Injection "Error 1 – Operand should contain 1 column(s)"
I get a blank screen when I inject 1′ on low security, for example. If I type in 1 then it displays users, but that’s all that will work.
I found instructions on gihub that mention to alter .htaccess but I cannot find this file anywhere.
I… Continue reading Cannot get SQL injection to work in DVWA on Kali Linux
I’m a pentester – that is, a professional penetration tester. Some call me an ethical hacker, a white hat, or red teamer. In the heat of the moment, I’ve been called much worse – because I’ve spent countless hours attacking organizations like yours wit… Continue reading 5 critical questions to test your ransomware preparedness
I have a WordPress plugin that helps create an organization chart/tree and then generates a URL where the chart is available to be viewed by the public.
The plugin dashboard looks like this
the plugin uses window alerts to input from the u… Continue reading What are vulnerabilities of saving user input directly in wordpress plugin?
I was reading into the basics of SQL injection attacks on w3schools here.
In the second example, I was curious as to why the equal sign was used. I have quoted within the line below.
" or ""="
Is there any particular … Continue reading Why does this SQL injection have an equals symbol?
How does the –os-shell parameter in Sqlmap work? I know its uploading a backdoor, but how is Sqlmap uploading it and is the file just a normal reverse shell trojan?
Also, is it still anonymous when being used over the –tor switch?
Continue reading How does the –os-shell parameter in Sqlmap work? Is it still anonymous over Tor?