Chủ Nhật, 29 tháng 3, 2020

[PenTest] FTU info-research webpage Penetration Testing

Long time no see!

After nearly 3 weeks relaxing and reading some interesting books  (The Web Application Hackers Handbook, Demi god and semi devil 😀 ). I completely bored . So I decide to do some funny stuff with CTF or pentesting some random webpages .

So , with my friend's suggestion, I decide to pentest this webpage . It is the information searching page of FTU ( Foreign Trade University ) . Firstly , I check for the SQLi   

Using Zap 2.9.0 my babe , I realize the method of all request is POST .  Start tesing :

So easy , I can't believe it work for the first time trying ! 

After continuing some queries , I have 

and of course I want to dump all the database  

I think that's enough ! I hope that the administrator of this website will fix it !

Happy Hacking!


Phổ Biến

Follow by Email