This time it is gonna be about injections, and not just any injection, but SQL Injection.
I had been a sucker at finding SQL Injection pretty much from the early phase of my bug bounty career.
Later I realised that any vulnerability out there which we find difficult to find or discover is difficult because we haven't come across one yet.
Without delay, let's get started…
There was this one program my automation threw out to me in my Telegram bot.
Quick note: I have my own automation that scrapes out new bug bounty programs as soon as they get released or indexed on search engines!
I went and had a look at this program, and it appeared to be a CRM kinda program, which has all these management tools.
They can quickly fill up your Burp Suite History tab.
I noticed that the JavaScript contained a lot of words related to SQL databases, like sqlite, executeCommand, etc.
I quickly went through the JavaScript files and tried to find any endpoint that could execute such queries, but the problem was the JS was so minified and browser-rewritten that it was impossible to…