Thread Contributor: Dozy VanSQL injection in an UPDATE query - a bug bounty story!
#1
This is a really interesting read:

https://zombiehelp54.blogspot.ca/2017/02...y-bug.html
#2
That was indeed quite interesting...

Lol that feeling when you change the culprit-parameter to @@VERSION and it actually returns the version

like ...omg talk dirty to me.  [Image: 5MZN22FaecDOPQ-bfkfDK0gzu7tB-DJm_Gbx9ALM...Jn0LZ=w300]
Reply
#3
Found it interesting even thought my knowledge of SQL is as limited to as my knowledge of the other islands apart from this one I'm stranded on.
Good post was a good 5 minute filler!
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)