database-enumeration

2 articles
vulnerability-disclosure

Security researcher Josip Franjković discovered four SQL injection vulnerabilities across multiple Nokia domains (www4.nokia.de, a PHP site, and a nokia.es subdomain), including blind SQL injection via User-Agent headers and time-based injection attacks, which Nokia's incident response team patched rapidly in April 2013. The researcher detailed advanced exploitation techniques such as using UNION-based subqueries with CASE statements to extract data from INSERT queries and bypass error-based detection.

Nokia, www4.nokia.de, nokia.es, Josip Franjković, Bryan de Houwer, Nokia Lumia 820, Nokia Lumia 920, Instagram, Ganglia
josipfranjkovic.blogspot.com · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details

A blind SQL injection vulnerability in a PostgreSQL LIMIT clause was exploited by using ASCII conversion to extract database information through response-based inference. The attacker created 127 albums and used nested `ascii(substr())` functions to convert extracted characters into numeric values that controlled the LIMIT clause row count, allowing information extraction by counting returned results.

PostgreSQL, PHP, Burp Intruder, securityidiots, Rahul Maini
noob.ninja · devanshbatham/Awesome-Bugbounty-Writeups · 4 hours ago · details