Select Page

From CVS import to cmd.exe – via SQL injection

This blog post explains the process that we followed in a recent penetration test to gain command execution from a CVS import feature. One of the most challenging issues was that we had to escape commas during the SQL injection attack, as it would break the CVS...

Stacked based MSSQL blind injection bypass methodology

If you have a blind SQL injection you are already in a good position. Exploitation however, depending on the type of the blind SQL injection, can take time. This post is part of a methodology used for obtaining output from a stacked based blind SQL injection....

Exploiting SQL injection vulnerabilities with Metasploit

In this post we are going to show how to exploit a SQL injection vulnerability on a web application using Microsoft SQL server backend where xp_cmdshell is available to the attacker. Given a penetration test to a web application it is identified that it is vulnerable...