sqlmap%attacking_dummy_website_successfully@in real time

sqlmap%attacking_dummy_website_successfully@in real time_Blind@SQL@Injection

WARNING: This attack is applied successfully in real time! And this video is addressed to the owner of this dummy website and other like him! Please, all of you people if you want to create a website go and search professionals, they will do this for all of you!

NOTE: This attack, demonstrates a vulnerability into a PHP application in API environment which is connected directly to MySQL database server. Using this method I inject a malicious code directly into MySQL database server using this stupid PHP application, because they are connected each other!

sqlmap_attacking_dummy_website by nu11secur1ty

Коментари

Публикуване на коментар

Popular Posts

CVE-2021-44228

декември 16, 2021

REPRODUCE OF THE VULNERABILITY =): Collaboration: silentsignal

Публикуване на коментар

Прочетете още

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

ноември 21, 2015

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "192.168.1.44/DVWA/login.php" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1

Публикуване на коментар

Прочетете още

CVE-2022-21907

януари 12, 2022

Donate if you are not shame!

Публикуване на коментар

Прочетете още