Giters

jcrashkit / Hibernate-Injection-Study

Study about HQL injection exploitation.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Hibernate injection study

Some tricks on how to exploit HQL injection as blind SQL injection for different DBMSs.

  • hqli_sql_server_demo.pl - PoC script for exploiting HQLi in MS SQL Server RDBMS.
  • hibernate.py - sqlmap tamper script for using UNICODE exploitation technique
  • queries.xml - modified queries.xml for using UNICODE exploitation technique

About

Study about HQL injection exploitation.

Languages

Language:Perl 86.0%Language:Python 14.0%