Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Advanced SQLi section
- Now we're going to talk about firewalk with SQLi
- What i mean with that is, sometimes when you ping a website you will receive a false echo reply.
- The actualy website is behind an firewall or ips so you will never talk directly to the webserver.
- This is very bad, we want to inject the webserver, not their ips or firewall.
- This is very easy to spot tho.. ping your website and copy the ip into your browser is one technique.
- If you get redirect to the correct websites than you're fine.
- But if i refuse connection you can start with following my steps
- 1. Go on http://toolbar.netcraft.com/site_report and enter your URL
- 2. Scroll down to 'Hosting History' and copy one of the ip address (latest seen is recommended)
- 3. For Debian users go to /etc/hosts and paste
- <your ip> <your URL>
- When done correctly this will now talk directly to the webserver, no ips/firewall between that destroy yours SQL injections
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement