Resources
People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
- The first vulnerability is a blind SQL injection within the password reset functionality. By sending an array of passwords, instead of a single password, the input is not sanitized correctly.
- Additionally, a custom SQL parser can have REALLY bad endings. By abusing the fuzzy search feature, any password can be reset!
- RIPsTech has lots of amazing articles; just an FYI.
