eLearnSecurity Blog

Second Order SQLi – Do Not Trust Your Own Escaped Queries

Master of Puppets

What happens when you have a web application using EXT4 to store files, correctly escapes queries and does not accept direct user controlled parameters?

You need to take your SQLi to the next level!

SQLi2ndWebAppScheme

Follow me on October 21st in a webinar where you are going to see how to exploit second order SQLi.
You will see how to use sqlmap beyond its common behavior with a simple but effective custom script.

I will demonstrate a method which can help you to not only carry out the exploitation, but to also allow you to do your injections in a fast and efficient way!

Reserve your seats here.

 

Tags: , , , ,

2 Comments

Leave a Reply

Your email address will not be published.

Go to top of page