PakistanDatabase.com

Web Hacking How I extended Time-Based SQL Injection to RCE

CyberGod

CyberGod

Administrator
Staff member
2.0
#1
Joined
Dec 23, 2021
Messages
742
Location
Hell
Website
hellofhackers.com
Hellcoins
♆25,955
Profile Music
In this article, I will talk about my report sent to Sony as part of a public program on the HackerOne website , as well as how I converted Blind Time-based SQL Injection into full-scale remote OS command execution.

I will cut out important details from the article such as domains, subdomains, command results, my IP address, server IP address, and others.

Exploration stage​

You must reply before you can see the hidden data contained here.
 
_mrx

_mrx

New member
#2
Joined
Jun 23, 2022
Messages
6
Location
wazirabad
Hellcoins
♆32
CyberGod said:
In this article, I will talk about my report sent to Sony as part of a public program on the HackerOne website , as well as how I converted Blind Time-based SQL Injection into full-scale remote OS command execution.

I will cut out important details from the article such as domains, subdomains, command results, my IP address, server IP address, and others.

Exploration stage​

[Hidden content]
Click to expand...
:)
 
You must log in or register to reply here.
Top