Comments for www.notsosecure.com

Comment on Injection in Order by, Group by Clause by GDSG

GDSG — Thu, 08 Jul 2010 02:17:27 +0000

THANKS MAN!!!
I try to figure this out about 2 days, cuz IF(1=1,1,1) not worked, but this ROCKS.

Thanks Again!

Comment on bsqlbf v 2.6 by ………..und der Admin hyperventilierte » Blog Archive » Die besten, interessantesten, wichtigsten und unterhaltsamsten Artikel aus der Security-Branche.

Mon, 05 Jul 2010 10:38:47 +0000

[...] bsqlbf v. 2.6 – notsosecure.com The new addition is the execution of any metasploit payload after executing OS code against Oracle database server by exploiting SQL Injection from web apps. [...]

Comment on bsqlbf v 2.6 by Week 26 in Review 2010 | Infosec Events

Week 26 in Review 2010 | Infosec Events — Mon, 05 Jul 2010 06:03:22 +0000

Comment on Blackhat, Defcon 2010 by sid

sid — Thu, 01 Jul 2010 10:10:29 +0000

Its available now

Comment on Blackhat, Defcon 2010 by Bugtrace

Bugtrace — Tue, 29 Jun 2010 18:41:16 +0000

Hi,sid.
After Blackhat and Defcon,do you plan to release Bsqlbf 2.6?

Comment on mysql exploitation with error messages by Bugtrace

Bugtrace — Tue, 29 Jun 2010 12:18:06 +0000

Good trick.

Comment on mysql exploitation with error messages by Dmitry Evteev

Dmitry Evteev — Tue, 29 Jun 2010 11:46:26 +0000

hi! now there’s more effective way to exploit error-based sql injection in mysql. see http://www.ptsecurity.com/download/PT-devteev-FAST-blind-SQL-Injection.pdf

Comment on Local File Inclusion with Magic_quotes_gpc enabled by 7b-ly.com

7b-ly.com — Mon, 24 May 2010 20:42:14 +0000

i did try whit etc/passwd%00
but that does not work
any ideal ?

Comment on Mail Fraud: Case Study by bob

bob — Wed, 19 May 2010 14:59:57 +0000

cool thanks

Comment on Hacking Oracle 11g by d singh

d singh — Fri, 07 May 2010 14:58:32 +0000

i like this post. great post and great blog.