SQL Injection on Base64 Encoded String Parameters

This article is a guide to perform SQL Injection on the Base64 encoded Url parameters. These parameters are encoded so as to make the site injection proof but that is a big myth. Recently I came across “www.somesite.com/index.php?pid=VkRGRk9WQlJQVDA9″ this kind of URLs. The pid here, “VkRGRk9WQlJQVDA9“. It is nothing but […]

Advertisements

SQL Injection part 3: Identifying String Data or Numeric Data

This is my third post on SQL Injection, The first post SQL Injection part 1 was just a basic one to check if the SQL vulnerability exist on a certain website and SQL Injection part 2 shows how to exploit the SQL vulnerability. We inject SQL in three parameters, namely: String Data […]

Advertisements

SQL Injection Part 2

In this article we will be looking at SQL Injection and how we can exploit different types of SQL vulnerabilities present on a website.SQL Injection is one most dangerous ways to get into some site and ruin it totally! Database contains every precious information. It consist of records of credit […]

Advertisements