Exploiting Second Order SQLi Flaws by using Burp & Custom Sqlmap Tamper – Pentest Blog
Tags
| attack-pattern: | Data Python - T1059.006 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | ba5e34c6-7b87-4fbe-8854-1bfff64d83ac |
| Fingerprint | 934eabcacfb6043d |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Aug. 1, 2017, 12:24 p.m. |
| Added to db | Jan. 18, 2023, 10:07 p.m. |
| Last updated | Nov. 18, 2024, 3:30 p.m. |
| Headline | Exploiting Second Order SQLi Flaws by using Burp & Custom Sqlmap Tamper |
| Title | Exploiting Second Order SQLi Flaws by using Burp & Custom Sqlmap Tamper – Pentest Blog |
| Detected Hints/Tags/Attributes | 38/1/13 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 29 | sqlmap.py |
|
| Details | Domain | 4134 | github.com |
|
| Details | Domain | 17 | sqlmap.org |
|
| Details | Domain | 1 | durian.py |
|
| Details | File | 29 | sqlmap.py |
|
| Details | File | 4 | r.txt |
|
| Details | File | 42 | information_schema.tab |
|
| Details | File | 5 | lib.core |
|
| Details | File | 1 | durian.py |
|
| Details | Github username | 2 | h3xstream |
|
| Details | IPv4 | 1442 | 127.0.0.1 |
|
| Details | Url | 2 | https://github.com/h3xstream/http-script-generator |
|
| Details | Url | 11 | http://sqlmap.org |