Tags » Sqli

Of Drupageddon and other fancy names

So an unauthenticated SQLi vulnerability dropped on the Internet today. Referred to as #drupageddon and classified as CVE-2014-3704, it is a pretty nifty SQLi flaw, and the PoC is floating about now, most notably on… 305 more words


Sql Injection in a Download PHP Script leading to LFI - Tutorial

Hello everyone,

The title says it, we’re going to sql inject a vulnerable Download PHP Script which will allow us later on to read files on the server. 758 more words


Surf SQLI with Havij !

Growth! oke pada postingan kali ini saya akan berbagi ilmu yang masih dalam ruang lingkup SQL Injection namun dengan tools yang berbeda, yaitu Havij. Sudah pernah mendengar tentang Havij? 250 more words