Local File Disclosure using SQL Injection

时间:2021-06-18 03:48:13
【文件属性】:

文件名称:Local File Disclosure using SQL Injection

文件大小:1.32MB

文件格式:PDF

更新时间:2021-06-18 03:48:13

SQL Injectio

SQL Injection AKA mother of hacking is one of the notorious and well known vulnerability which has caused lots of damage to cyber world. Researchers has published lots of stuff on different-2 exploitation techniques for conducting various type of attacks including accessing data stored in database, reading/writing code from/to server using load and into outfile in MySQL, performing command execution using SA account in MSSQL. In this paper, we are going to exploit SQL Injection vulnerability in file download function which download file from server on the basis of output returned by vulnerable SQL query.


网友评论