How to Create a Script for SQL Injection Testing
1. Introduction and Objectives In this article, we will briefly explain what an attack of this nature entails, and then we will demonstrate how to create a small script that automates certain SQL injection tests. To achieve this, you will need to have a basic understanding of databases and web programming. We will be using Kali Linux as the attacking machine. 2. What does a SQL injection (SQLi) attack consist of? A SQL injection attack essentially involves injecting malicious SQL code through a form with unsanitized input fields. Insufficient data sanitization leads to a vulnerability, and if this form connects …
Exploiting: Buffer Overflow (BoF)
1. Introduction and Objectives In this article, we will delve into the exploitation of a Buffer Overflow (BoF) vulnerability. We will utilize various tools to extract the required information through reverse engineering, enabling us to create the final exploit and gain access to the target machine. To accomplish this, a fundamental understanding of reverse engineering and programming in Python is essential. 2. Setting up the Lab To initiate this practice of exploiting a Buffer Overflow vulnerability, we will need to set up a laboratory with the following virtual machines and tools: Once the machines are set up, we verify that …
Implementing Scripts in Metasploit (Proof of Concept)
1. Introduction and Objectives In this article, we will demonstrate how to implement scripts written in Ruby in the Metasploit Framework so that we can then use them in our cybersecurity audits. It’s worth noting that when we refer to ‘scripts,’ we are talking about various tools, whether they are exploits, auxiliary modules, or any other type. To achieve this, we will need to have at least a basic understanding of Ruby and the architecture of Metasploit. 2. Metasploit & Ruby Ruby is a dynamic, object-oriented, open-source programming language focused on simplicity and productivity. The significance of this language within Metasploit is …