Resources
People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
- Looking at a native PHP project from the year 2000... Bound to find a ton of bugs!
- SQLi everywhere! But, we need to choose one wisely. Preferably, one that returns as much data as we want from the database. The exploitation was made significantly easier because stacked queries were enabled.
- The SQLi was used in order to create an administrative user. After this, an authenticated command injection vulnerability was found in order to achieve RCE.
- This article goes through the process of finding vulns and working through the hurdles!
