Anonhack

"If Nobody sees it, it didn't Happen"

Tag: SQLinjection

  • SQL Injection on Base64 Encoded String Parameters

    SQL Injection on Base64 Encoded String Parameters

    This article is a guide to perform SQL Injection on the Base64 encoded Url parameters. These parameters are encoded so as to make the site injection proof but that is a big myth. Recently I came across “www.somesite.com/index.php?pid=VkRGRk9WQlJQVDA9″ this kind of URLs. The pid here, “VkRGRk9WQlJQVDA9“. It is nothing but 4 times encoded base64 string,…

  • SkyTower CTF Walkthrough

    SkyTower CTF Walkthrough

    The following article is a walkthrough for Skytower Vulnerable machine. This machine is a web application Capture the flag machine. This machine is filtered and an appropriate methodology is required here. Objectives: Obtain the flag.txt file from /root/ So let’s dive: Tools: Virtual Machine or VMware Kali OS I located the skytower vulnhub’s IP address…