Tag: sql injection on base64 encoded strings

  • SQL Injection on Base64 Encoded String Parameters

    SQL Injection on Base64 Encoded String Parameters

    This article is a guide to perform SQL Injection on the Base64 encoded Url parameters. These parameters are encoded so as to make the site injection proof but that is a big myth. Recently I came across “www.somesite.com/index.php?pid=VkRGRk9WQlJQVDA9″ this kind of URLs. The pid here, “VkRGRk9WQlJQVDA9“. It is nothing but 4 times encoded base64 string,…