All Questions
Tagged with sql-injection exploit
24 questions
1
vote
0
answers
280
views
Potato exploits dont spawn reverse shell
What could be the reason for potato exploits not being able to spawn a reverse shell?
OS: Microsoft Windows Server 2022 Standard
Build: 20348
Exploits tried: RoguePotato, SigmaPotato, GodPotato
What ...
- 11
1
vote
1
answer
153
views
Is there a possible attack on a MySQL database using an input window [closed]
My app has an input field that is used as a source for a HTML and PDF file.
I also store this input in my database.
My question is: Is it possible to somehow write something in the text field which ...
- 11
1
vote
3
answers
382
views
Can you exploit an SQLi authentication bypass for anything else?
I have manually confirmed an SQLi authentication bypass in a user login portal. The payload itself is quite simple. Can this vulnerability be used to do anything else such as enumerate users or inject ...
- 13
1
vote
1
answer
308
views
Blind SQL Injection POC in Java
I am looking for some java applications (other than Manage Engine) vulnerable to Blind SQL Injection attacks for Authentication Bypass. I explored exploitdb and others but didn't find anything ...
- 201
0
votes
0
answers
310
views
Out-of-band Sql Injection
When I was doing some security research, I found an unexpected query in a POST request like this:
q=select%20*%20from%20x%20where%20a%20%3D%20'%7B%22something%22%3A%22blah%22%2C...%7D'
Where the ...
0
votes
2
answers
30k
views
How do you perform SQL injection on a login form that checks for email address format?
A recent employment test prompted me to perform an SQL injection to gain access into their website.
Using manual and automated (Burp) methods, I was able to find out the form is definitely vulnerable ...
- 325
0
votes
1
answer
150
views
what can you do in sql login details and encryption key is available
I am practicing pen testing in a protected box and I have a vulnerable Magento website and I managed to get its MySQL config file which is app/etc/local.xml.
In this file there is information such as:...
- 121
3
votes
2
answers
487
views
Mysql injection with a single `USE` statement
I know you need prepared statements and such to avoid SQL injection, and I've seen that there are different questions about exploits for SELECT, INSERT, UPDATE injectable queries.
But I couldn't come ...
- 1,381
2
votes
3
answers
3k
views
Huge amount of hidden porn backlinks from legit WordPress sites, why they did it?
I was doing some backlink research and found a huge amount of legit websites linking to the site I was researching.
The problem was that the anchor text of all the links where porn related terms....
...
2
votes
1
answer
359
views
Any known issues with ColdFusion 9 isNumeric check?
I'm probably just being paranoid again about security. The latest thing keeping me up at night is the checks that one of our websites uses. It runs ColdFusion 9 on windows environment and we check a ...
- 153
4
votes
1
answer
2k
views
What does Google do to prevent SQL injections?
I'm a newbie when it comes to security but I've been interested in SQL injection and in particular in how to protect from them. I've read a lot about how to prevent your website from SQL injections, ...
- 143
3
votes
2
answers
5k
views
Demonstrate SQL injection using QR code
I found a way of inserting an SQL injection through a non-secure query. The program is a checkpoint control that works with QR codes. It checks if your code exists in a database and if it does you are ...
- 180
6
votes
1
answer
11k
views
How to bypass mysql_real_escape_string to exploit a SQLi vulnerability?
I tried to find some SQL injection exploits that could bypass functions that should prevent sql injection vulnerabilities, for example mysql_real_escape_string. I found an exploit and the author ...
- 159
4
votes
2
answers
3k
views
SQL injection to login when there's no record in the database
I have a question to solve. Well there's no records of username and password in the database and so one cannot Log in without inserting any records. Is there anyway to exploit the following code and ...
- 53
-1
votes
2
answers
583
views
Are these queries vulnerable to injection in mysql
The queries below show SQL injection in appscans for MySQL.
Is there a way to do a proof of concept or otherwise to how can they be exploited?
INSERT INTO cscart_sessions (session_id, expiry) values('...
- 135