burp

Home / Tag: burp

10 Jan

Attacking Adobe ColdFusion

Pentester
ColdFusion,Skills
Tags: APSB09-09, APSB10-18, authentication bypass, burp, cfm shell, CFML, fckeditor, LFD, LFI to shell
no comments

Preface Recently, I have been working in an environment with lots of Adobe ColdFusion installations, most of them unpatched, having nice, exploitable vulnerabilities. You can find almost everything about hacking ColdFusion on different blogs / forums / etc. but for convenience, I wanted to collect those tricks that I was able to use in real […]

01 Jan

MySQL SQL Injection Practical Cheat Sheet

Pentester
Skills,SQL Injection
Tags: burp, DVWA, ExtractValue, grep extract, SQLZoo, union injections
no comments

There are lot of excellent SQL injection cheat sheets out there; however, I found the majority provide only the components of a SQL injection rather an entire, working string. As a result, successfully putting a valid query together can take some trial and error and waste precious time. I have thus attempted to create a […]