Sanduni FernandoHackTheBox — Sense writeupThis is the 3rd blog out of a series of blogs I will be publishing on retired HTB machines.4 min read·Sep 12, 2022--1--1
Sanduni FernandoHackTheBox — Nibbles writeupThis is the 2nd blog out of a series of blogs I will be publishing on retired HTB machines.6 min read·Sep 1, 2022----
Sanduni FernandoHackTheBox -Bashed writeupThis is the first blog of the series of blogs I will be publishing on retired HTB machines.7 min read·Aug 31, 2022----
Sanduni FernandoBlind SQL injection with conditional errorsAs we discussed in preceding Lab exercise, Blind SQL injection is a type of SQL injection attack that asks the database true or false…9 min read·Aug 17, 2022--1--1
Sanduni FernandoBlind SQL injection with conditional responsesIn many cases of SQL injection, the application does not return the results of the injected query to the user’s browser, nor does it return…6 min read·May 12, 2022----
Sanduni FernandoExamining the database in SQL injection attacks.Your ultimate goal of attacking a web application is to extract interesting data from the database. To do that, you must gather some…7 min read·Apr 13, 2022----
Sanduni FernandoSQL injection UNION attack to retrieve multiple values within a single columnConsider a situation where the original query returns multiple columns from the target table. Instead of checking each column to determine…3 min read·Mar 29, 2022----
Sanduni FernandoSQL injection UNION attack to retrieve interesting dataOnce you have identified the number of columns required in your injected query, and have found which column can hold string data, you are…3 min read·Mar 22, 2022----
Sanduni FernandoSQL injection UNION attack, finding a column containing textFinding columns with a useful data type in an SQL injection UNION attack3 min read·Nov 20, 2021----
Sanduni FernandoSQL injection UNION attack, determining the number of columns returned by the querySQLi UNION attack to determine the number of columns6 min read·Nov 14, 2021----