Top 50+ SQL Injection writeups by worldwide hackers - Thebughacker

 

SQLi Injection writeups

what is SQL injection attack in web application?

SQL injection is a web security vulnerability that permits an attacker to impede an application's questions to its information base. It for the most part permits an attacker to see information that they are not ordinarily ready to recover. This could incorporate information having a place with different clients, or whatever other information the actual application can access.

1. SQL injection is a code injection method that could obliterate your data set.

2. SQL injection is one of the most well-known web hacking methods.

What are types of SQL Injection?

  1. Error Based SQL injection
  2. Blind Based SQL injection

Below is the list of SQLi writeups from the top worldwide hackers: 

  1. My Bug Bounty Journey and My First Critical Bug — Time Based Blind SQL Injection
  2. Exploiting Blind Postgresql Injection And Exfiltrating Data In Psycopg2
  3. How i got easy $$$ for SQL Injection Bug
  4. Turning Blind Error Based SQL Injection into Exploitable Boolean One
  5. Interesting case of SQLi
  6. Error-Based SQL Injection on a WordPress website and extract more than 150k user details
  7. SQL Injection & Remote Code Execution - Double P1
  8. Accessing the website directly through its IP address, a case of a poorly hidden sql injection
  9. How to contact Google SRE: Dropping a shell in cloud SQL
  10. From SQL Injection to Hall Of Fame
  11. How I got 450$ just in one Google search (SQLi + RXSS)?
  12. Blind SQL Injection at fasteditor.hema.com
  13. From Host Header injection to SQL injection
  14. Patched Zoom Exploit: Altering Camera Settings via Remote SQL Injection
  15. Bug Bounty in Lockdown (SQLi and Business Logic)
  16. HUNT for SQL Injection- The Smart Way!
  17. Utilizing Lockdown: Blind Sqli leads to Account Takeover & Data Extraction
  18. Story of Blind SQL with a type error.
  19. [Bug Bounty Writeups] Exploiting SQL Injection Vulnerability
  20. Tricky Oracle SQL Injection Situation
  21. Akamai Web Application Firewall Bypass Journey: Exploiting “Google BigQuery” SQL Injection Vulnerability
  22. SQL Injection Via Stopping the redirection to a login page
  23. Finding SQL injections fast with white-box analysis — a recent bug example
  24. Bug Bounty: Bypassing a crappy WAF to exploit a blind SQL injection
  25. U.S. Department of Defense - Info Disclosure and SQLi Writeup
  26. SQL Injection in private-site.com/login.php
  27. Exploiting a Tricky Blind SQL Injection inside LIMIT clause
  28. SQL Injection in Forget Password Function
  29. SQL Injection Bug Bounty POC!
  30. Blind (time-based) SQLi - Bug Bounty
  31. SQl Injection
  32. SQL injection through User-Agent
  33. Comma is forbidden! No worries!! Inject in insert/update queries without it
  34. SQL injection for $50 bounty, but still worth reading!!
  35. Abusing MySQL clients to get LFI from the server/client
  36. Authentication Bypass Using SQL Injection AutoTrader Webmail – Bug Bounty POC
  37. ZOL Zimbabwe Authentication Bypass to XSS & SQLi Vulnerability – Bug Bounty POC
  38. SQL Injection Vulnerability bootcamp.nutanix.com | Bug Bounty POC
  39. SQL Injection Vulnerability In University Of Cambridge
  40. Making a Blind SQL Injection a Little Less Blind
  41. SQL Injection and A silly WAF
  42. Attacking PostgreSQL Database
  43. Bug Bounty at Bangladeshi Site.
  44. #BugBounty —” Database hacked of India’s Popular Sports company”-Bypassing Host Header to SQL injection to dumping Database — An unusual case of SQL injection.
  45. Union Based Sql injection Write up ->A private Company Site
  46. SQL injection with load file and into outfile
  47. SQL in everywhere.
  48. SQL injection in an UPDATE query - a bug bounty story!
  49. SQL Injection On MEGA.NZ
  50. Blind SQL Injection [Hootsuite]
  51. Yahoo – Root Access SQL Injection – tw.yahoo.com
  52. Step-by-step: exploiting SQL injection(s) in Oculus’ website.
  53. Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS)
  54. Tesla Motors blind SQL injection
  55. SQL injections in Nokia sites.
If you want to submit your writeups in the list. Submit Here 

Previous Post Next Post

Contact Form