Django port 8000 wireshark captures11/10/2022 ![]() ![]() # BOOLEAN: ->(1- Detect the false query to view the difference with the true one, 2- When you know the false response find leter by letter) =>SQL INJECTIONS (1- add "NULL" columns until you know how many they have, 2- change the column to know which one is printable, 3- look for the concatenated text "sssssectest") Go run main.go -u -w wordlist.txt -s 200,301 -k -t 100 -v -> -k no certificate check -v verbose -t threads ![]() ![]() Wfuzz with docker (openssl fixed)ĭocker run -v /media/sf_Shared_VM/SecLists/Discovery/Web-Content/:/mnt/test dominicbreuker/wfuzz:latest -c -z file,/mnt/test/raft-medium-directories-lowercase.txt -hc 404 > copy/paste the cookies from the "to curl" burp option ![]() Wfuzz -c -z file,/root/Desktop/Dictionar/all.txt -hc 404 -b "loguser= logpass= hciw=1 hsnu=Pepe ASP.NET_SessionId=yewr3vdm4m1ygm4gxhcizuzm hscid=-1. Wfuzz -c -z file,/media/sf_Shared_vm/Fuzzing\
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |