Chủ Nhật, 29 tháng 3, 2020

[PenTest] FTU info-research webpage Penetration Testing

Long time no see!

After nearly 3 weeks relaxing and reading some interesting books  (The Web Application Hackers Handbook, Demi god and semi devil 😀 ). I completely bored . So I decide to do some funny stuff with CTF or pentesting some random webpages .







So , with my friend's suggestion, I decide to pentest this webpage . It is the information searching page of FTU ( Foreign Trade University ) . Firstly , I check for the SQLi   




Using Zap 2.9.0 my babe , I realize the method of all request is POST .  Start tesing :







So easy , I can't believe it work for the first time trying ! 


After continuing some queries , I have 




and of course I want to dump all the database  






I think that's enough ! I hope that the administrator of this website will fix it !

Happy Hacking!











  

Phổ Biến

Follow by Email