Tag Archives: SQL injection

File Inclusions with SQL.

Last time I posted something technical was about SQL injection . I described how to identify a vulnerable parameter and how to exploit it manually, it is possible to use something FREE like sqlmap or other free or commercial products.

This time we are going to talk about Local File Inclusion and Remote File Inclusion. So, what is file inclusion?
Continue reading

SQL Cheatsheets

I suppose you have already read this .

When I was writing the post “SQL injections” I mentioned that I didn’t know some MsSQL reserved words. This time I have some cheatsheets mostly from darkc0de but you can find everything on the web too. Remember “A dumb asks questions, a smart asks google first” :) Continue reading

SQL injections

Databases are pieces of software that allow massive storage of data in a structured-by-the-developer order. All this data can be easily accessed using SQL language. The data can be anything, from text, personal identification number, credit card numbers or even files in certain cases. The success of those databases is that anyone with the proper authorization can access the data both fast and easily. The access is achieved by SQL. SQL stands for Structured Query Language. Continue reading