SQL Injection

When SQL Injection Encounters Strange Encoding Issues

by
When SQL Injection Encounters Strange Encoding Issues

Introduction Recently, during a penetration test for a client, I discovered a peculiar SQL injection. It was peculiar because the database connection encoding of the system was inconsistent with the actual database encoding, and the database table field names used Chinese characters, making it impossible to retrieve database data through normal means. The Story Begins … Read more

The Art of Chain Attacks in Internal Network Penetration

by
The Art of Chain Attacks in Internal Network Penetration

The Art of Chain Attacks in Internal Network Penetration This article is based on a simulated practical environment assessment conducted by Master Z for his apprentice 007, aimed at evaluating his thought process and capabilities in penetrating entry-level environments. The content is derived from 007’s retelling and records the entire chain attack path he took … Read more