bug-bounty413
xss277
google249
microsoft215
facebook191
apple139
rce124
malware101
bragging-post92
account-takeover88
exploit86
csrf73
cve70
authentication-bypass67
privilege-escalation60
access-control53
phishing48
defi48
dos47
smart-contract47
ethereum44
writeup44
open-source43
supply-chain42
ssrf42
cloudflare42
sql-injection41
browser40
web339
stored-xss39
aws37
web-security36
docker36
input-validation36
ai-agents35
api-security34
smart-contract-vulnerability33
reverse-engineering32
react32
information-disclosure31
idor31
burp-suite30
oauth29
denial-of-service29
cross-site-scripting29
node28
reflected-xss28
race-condition27
web-application27
clickjacking25
0
8/10
A detailed writeup demonstrating how to convert a blind error-based SQL injection vulnerability on MSSQL into an exploitable boolean-based injection using the IIF() function combined with type conversion, enabling data exfiltration through character enumeration attacks despite a 100-character payload limitation.
sql-injection
blind-sql-injection
error-based-sql-injection
mssql
boolean-based-sql-injection
bug-bounty
data-exfiltration
burp-suite
iis
aspx
information-schema
character-enumeration
Ozgur Alp
Synack
Burp Intruder
SQLMap
SQLFiddle
MSSQL
IIS
0
6/10
bug-bounty
SQL injection vulnerability discovered in a forget password function via time-based exploitation. The author enumerated the backend technology (ASP.NET/MSSQL), broke the SQL query with single quotes, injected a WAITFOR DELAY payload to confirm the vulnerability, and used SQLMap to automate database extraction.
sql-injection
time-based-sqli
forget-password
mssql
aspx
sqlmap
burp-suite
bug-bounty
vulnerability-testing
enumeration
exploitation
SQLMap
Burp Suite
ASP.NET
MSSQL
khaled gaber