{"id":137,"date":"2021-10-06T21:43:49","date_gmt":"2021-10-06T20:43:49","guid":{"rendered":"http:\/\/localhost\/wordpress\/?p=137"},"modified":"2021-10-06T22:26:50","modified_gmt":"2021-10-06T21:26:50","slug":"sql-injections-showcase","status":"publish","type":"post","link":"http:\/\/localhost\/wordpress\/2021\/10\/06\/sql-injections-showcase\/","title":{"rendered":"SQL Injections showcase"},"content":{"rendered":"\n

This is my winning solution for a faculty SQL Injection contest in which I participated in 2021.<\/p>\n\n\n\n

The main challenge was to find inventive and playful ways to exploit database-connected applications that are vulnerable to this kind of attack.<\/p>\n\n\n\n

Therefore, I used two applications: one that was entirely coded by me, and the other a vulnerable web service hosted on a Linux server. It was fun ( \u0361\u00b0 \u035c\u0296 \u0361\u00b0).<\/p>\n\n\n\n

Below is the complete description of the exploitation process \/ write-up.<\/p>\n\n\n\n

[Figure: DB schema]\n\n\n\n

The GitHub repo for this solution can be found here.<\/p>\n\n\n\n

The above PDF and video demo can be found here.<\/p>\n","protected":false},"excerpt":{"rendered":"

This is my winning solution for a faculty SQL Injection contest in which I participated in 2021. The main challenge was to<\/p>\n

","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[9,7,6,12,5,8,11],"class_list":["post-137","post","type-post","status-publish","format-standard","hentry","category-information-security","tag-badstore","tag-cybersecurity","tag-hack","tag-loginbypass","tag-sqlinjection","tag-webvulnerability","tag-vulnerability"],"_links":{"self":[{"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/posts\/137"}],"collection":[{"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/comments?post=137"}],"version-history":[{"count":9,"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/posts\/137\/revisions"}],"predecessor-version":[{"id":155,"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/posts\/137\/revisions\/155"}],"wp:attachment":[{"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/media?parent=137"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/categories?post=137"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/localhost\/wordpress\/wp-json\/wp\/v2\/tags?post=137"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}