Skip to content

0ang3el/Hibernate-Injection-Study

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Hibernate injection study

Some tricks on how to exploit HQL injection as blind SQL injection for different DBMSs.

  • hqli_sql_server_demo.pl - PoC script for exploiting HQLi in MS SQL Server RDBMS.
  • hibernate.py - sqlmap tamper script for using UNICODE exploitation technique
  • queries.xml - modified queries.xml for using UNICODE exploitation technique

About

Study about HQL injection exploitation.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published