information-schema

4 articles
sort: new top best
clear filter
bug-bounty405 google392 xss350 microsoft305 facebook274 apple184 exploit182 rce174 malware136 cve107 account-takeover94 csrf86 browser85 writeup69 privilege-escalation66 phishing61 dos60 react59 supply-chain56 bragging-post55 authentication-bypass54 cloudflare51 node51 ssrf49 aws48 docker48 access-control46 smart-contract45 reverse-engineering45 web344 ethereum43 defi42 pentest41 oauth41 sql-injection40 lfi35 idor35 race-condition33 info-disclosure33 smart-contract-vulnerability32 cloud31 buffer-overflow30 auth-bypass29 wordpress29 clickjacking29 solidity27 subdomain-takeover27 vulnerability-disclosure25 web-application24 sqli23
0 7/10
Fun sql injection — mod_security bypass
vulnerability

Technical writeup demonstrating SQL injection bypass of ModSecurity WAF using MySQL comment encoding (/*!50000*/) and alternative payload construction with MOD/DIV operators and variable assignment to extract WordPress database credentials and schema information.

sql-injection waf-bypass mod-security mysql wordpress union-based-injection comment-encoding information-schema database-enumeration
_Y000_
infosecwriteups.com · kh4sh3i/bug-bounty-writeups · 17 hours ago · details
0 8/10
Turning Blind Error Based SQL Injection into Exploitable Boolean One
vulnerability

A detailed writeup on converting a blind error-based MSSQL injection vulnerability into an exploitable boolean-based injection using the IIF() and CONVERT() functions to systematically enumerate database names and table metadata. The author demonstrates bypassing restrictions on verbose error messages and character limits through clever payload construction and Burp Intruder automation.

sql-injection blind-sql-injection error-based-sql-injection boolean-based-sql-injection mssql database-enumeration burp-suite sqlmap iif-function convert-function information-schema bug-bounty-hunting paywall-bypass
Ozgur Alp Synack Microsoft SQL Server IIS Burp Intruder SQLMap SQLFiddle
ozguralp.medium.com · kh4sh3i/bug-bounty-writeups · 17 hours ago · details
0 8/10
Step by Step Exploiting SQLI in Oculus
vulnerability

Detailed walkthrough of exploiting blind SQL injection in Oculus' developer portal by bypassing multiple filters (no whitespace, no commas) using comment syntax and MySQL alternative function syntax, ultimately extracting admin session tokens and gaining administrative access.

sql-injection blind-sql-injection mysql web-application authentication-bypass session-hijacking oculus facebook burp-suite intruder bypass-techniques information-schema prepared-statements
Oculus Facebook Josip Franjković Jon (Bitquark) developer.oculusvr.com CompanyAction.php PHPSESSID MySQL
josipfranjkovic.blogspot.com · devanshbatham/Awesome-Bugbounty-Writeups · 17 hours ago · details
0 6/10
Union based SQLI writeup
bug-bounty

A bug bounty hunter discovered a union-based SQL injection vulnerability in a private company's web application by identifying vulnerable parameters and methodically determining the number of columns (11) before extracting database version, user information, table schemas, and column names using UNION SELECT queries and information_schema enumeration.

sql-injection union-based-sqli bug-bounty writeup information-schema mysql web-application parameter-discovery database-enumeration
Nur A Alam Dipu
medium.com · devanshbatham/Awesome-Bugbounty-Writeups · 17 hours ago · details