Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Report (Base64 param) #66928

Open
jsql-robot opened this issue Feb 8, 2018 · 3 comments
Open

Report (Base64 param) #66928

jsql-robot opened this issue Feb 8, 2018 · 3 comments

Comments

@jsql-robot
Copy link

I try test injection for Post Method base login form of project demo at link
http://sechow.com/bricks/docs/installation.html

But this tool cannot work?
@ron190
Copy link
Owner

ron190 commented Feb 8, 2018

Usually login pages are not meant to extract data by injection but only to be forced by always true SQL conditions like 'or 1=1'.

Instead you should use jSQL on 'Content pages', those pages are made for data extraction using injection.

@ron190
Copy link
Owner

ron190 commented Feb 10, 2018

I guess jsql lacks boolean OR injection for login pages, I'll implement it for the next release.

@ron190
Copy link
Owner

ron190 commented Jan 8, 2020

Injection using OR now works with all five 'Content pages' forms.
The last one uses Base64, it still needs tests from my side.

@ron190 ron190 changed the title Report Report (Base64 param) Nov 30, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ron190 @jsql-robot