in ,

Escalating a Time-Based SQL Injection to RCE

Today, I will be sharing one of my report on Sony, a public program in HackerOne, and methods on how I escalated it from a Blind Time-based SQL Injection to a Full Remote OS Command Execution.

Credit: 0xEchidonut

This post was created with our nice and easy submission form. Create your post!

What do you think?

Posted by SH

Leave a Reply

Your email address will not be published. Required fields are marked *

GIPHY App Key not set. Please check settings

SSRF to RCE with Jolokia and MBeans

Log4j remote code execution