Blind SQL Injection

In this article I will demonstrate a blind SQL injection attack against level 17 of the Natas hacking game at overthewire.org. Continue reading “Blind SQL Injection”

Advertisements

Brute Forcing PHP Session IDs

Natas is hacking game hosted at overthewire.org that centres around web application security.  Each level must be compromised by some means to reveal the password for the next level.  Below is a writeup of the method I used to penetrate the security of level 19.  I highly recommend this game to anyone interested in web application security. Continue reading “Brute Forcing PHP Session IDs”