Tags » Sqli

STUDY OF DEEP WEB AND A NEW FORM BASED CRAWLING TECHNIQUE

The World Wide Web, abbreviated as WWW, is a global information medium of interlinked hypertext documents accessed via the internet. In a web browser, a user can easily search the content by simply filling in a form. 76 more words

Article

Summary of OWASP 10 Attack

A1 Injection

Injection flaws like SQL, OS, and LDAP injection occur when untrusted data is sent to an interpreter as part of a command or query.

A2 Broken Authentication and Session Management… 585 more words

So You Think You're Smart, Huh?

A recent post by Rob Graham can be found at http://blog.erratasec.com/2016/02/hackers-arent-smart-people-are-stupid.html. Some may be offended by it and I can see why. But I’m in part posting this to admit to suffering from said stupidity this week … and to provide some (I think) smart advice, both specific and general, AppSec and life related. 647 more words

Sequels are the Worst 1: 80 points

Problem: Log in as admin on this website.

Suggested Reading:

SQL Tutorial
SQL Injection
Boolean Algebra – Basic Operations

Introduction:

SQL injections are quite common in CTFs, and that should not be surprising as they are one of the top attack vectors year after year. 1,351 more words

Web

Finding tables and columns in Sqlite

On a recent capture-the-flag event, I came across a web app that had a somewhat troublesome SQL injection vulnerability. Identifying that the query was vulnerable was easy enough, but fingerprinting the underlying database was troublesome. 128 more words

Introduction to SQL Injection in MySQL and ways of protection

1,408 more words