Skip to content

Latest commit

 

History

History
19 lines (13 loc) · 1.04 KB

README.md

File metadata and controls

19 lines (13 loc) · 1.04 KB

What

This is a temporary dump of posts I eventually plan to publish on a proper site.

Why

  1. Their content could accidentally turn to be useful to someone
  2. Archiving/documenting purposes
  3. To have material to go through in nostalgic mode should I ever get old

Disclaimer

Some content can be relatively outdated as could date as far as the pre-2010 era.

Contents

How not being lucid made me want to turn and exploit an SQL Injection from Boolean-Blind to Union-based by crafting a 2-in-1 Payload.

The exploit was accomplished by leveraging a first SQL Injection to alter and weaponize the output of the first vulnerable query into a carrier for a 2nd SQL Injection on a 2nd query all through a single injection point (parameter) - hence the 2-in-1 Payload.

Next in line: Chaining multiple vulnerabilies to get RCE on a Commercial Software via Black-Box Testing