Research, demonstrations, and popcorn

Vulnerability Found: Smith & Wesson

This is an older vulnerability I am posting for the sake of getting all my old content moved over to the new site. While browsing Gun Broker, I noticed several Smith and Wesson ads embedded in the page. After looking at the URL, I noticed the it looked like a normal PHP URL with GET…

Continue Reading

Blind SQL Injections

This PDF is a paper I wrote in 2012 demonstrating different blind SQL injection methods on different database platforms.  The information for Oracle is theoretical, due to my limitations at the time of platforms available for testing.  If I have the time, I will try to verify the Oracle method soon. The document covers blind…

Continue Reading