VigilanteTech
SQL injection in an UPDATE query - a bug bounty story! - Printable Version

+- VigilanteTech (https://vigilante.tech)
+-- Forum: General Discussions (https://vigilante.tech/forum-4.html)
+--- Forum: News & Happenings (https://vigilante.tech/forum-14.html)
+--- Thread: SQL injection in an UPDATE query - a bug bounty story! (/thread-614.html)



SQL injection in an UPDATE query - a bug bounty story! - Dozy Van - 02-19-2017

This is a really interesting read:

https://zombiehelp54.blogspot.ca/2017/02/sql-injection-in-update-query-bug.html


RE: SQL injection in an UPDATE query - a bug bounty story! - Baredee - 02-21-2017

That was indeed quite interesting...

Lol that feeling when you change the culprit-parameter to @@VERSION and it actually returns the version

like ...omg talk dirty to me.  [Image: 5MZN22FaecDOPQ-bfkfDK0gzu7tB-DJm_Gbx9ALM...Jn0LZ=w300]


RE: SQL injection in an UPDATE query - a bug bounty story! - StrandedBanana - 02-21-2017

Found it interesting even thought my knowledge of SQL is as limited to as my knowledge of the other islands apart from this one I'm stranded on.
Good post was a good 5 minute filler!