Home » Tags

SQL-injection

Oct 09, 2021  ·  11 min read

H@cktivitycon 2021 - Web

Another late CTF writeups for H@cktivitycon 2021 web category.

Default-Credentials SSRF Command-Injection CRLF
Sep 24, 2021  ·  6 min read

HackTheBox - Validation

Second-order SQL injection

Linux SQL-Injection Password-Reuse
Jun 02, 2021  ·  9 min read

VulnHub - DC-9

DC-9 from VulnHub features a website that is vulnerable to SQL injection. I’m able to dump a bunch …

Linux Port-Knocking SQL-Injection LFI
Apr 09, 2021  ·  6 min read

HackTheBox - Magic

SQLi for login bypass and embed webshell to an image file

Linux SQL-Injection Exiftool Upload-Bypass