Pentesting

Today I bring you a very interesting type of SQL Injection, and that is not very well known. It's a variation of Blind SQL Injection.if you're still not very familiar with SQL injections, I recommend you visit this post first. You should also take a look at noSQL injections from non-relational databases. In Blind SQL Injection, we can get information from the database if the server returns different responses depending on whether the injected payload (Boolean Blind SQL) is true or false. In case it always returns the same answer, we can get the database information from the server response times (Time Blind SQL).However, it may be the case of…

After the posts about SQL Injection and NoSQL Injection, today I bring you the XSS Injection. This attack consists of injecting malicious code into benign web pages. The attacker injects code from the client side, so that for a bad configuration of the website, this code is shown to other users. This type of attack usually occurs when the browser uses a user input field to generate an output field without previously validating it. To try to get a Cross-Site Scripting injection, you have to try to find areas of a web page where a value you enter is reflected. An example would be to find a web page…

In previous posts I have talked about SQL injections. It is usually the first example of computer security that is given to a student: " ´ or 1 = 1 -- a " However, this is only useful for servers that use relational databases, such as MySQL, MSSQL, Oracle. In the last decade another type of database has appeared: non-relational databases, such as Couch or MongoDB. This type of database is used to store a large amount of unrelated data, data that do not fit into the typical tabular model of SQL databases, such as images, videos, social media, and so on. The queries that are made to this type…

As time goes by this domain gets bigger and bigger... Thanks to you! With less than a year of life, Google Analytics has notified me that in March I surpassed the one thousand monthly users. This is great news, but at the same time it has made me think that I should retouch a couple of things about blog security to be completely happy. After all, it's a crime for a cybersecurity blog to lack it. For this reason, today I bring you the steps I have taken to secure wordpress. The Basics Strong passwords and updated services. That's the foundation on which everything else must be built. Be sure…

Google is one of the most famous search engines in the world. However, searching Google is an art that many people don't quite understand. And a case apart are those who prefer to ask you rather than do a simple google search. Luckily, there are awareness pages like lmgtfy Do you want to know how to be a hacker? Here's the link: http://lmgtfy.com/?q=how+to+be+a+hackerhttp://lmgtfy.com/?q=As+ser+hacker But in this article we will go further. Google has advanced search options: the so-called Google Dorks. Here I'll explain each of the different dorks that exist, and show you some examples of how you can discover sensitive information and find pages and files of a…

Have you ever been told that if you find a USB stick on the floor, you shouldn't put it in your computer? Today I'll show you through a proof of concept why you shouldn't do it. In this post we will see how to create a malicious USB that can infect a computer in seconds.But first a little bit of history.In 2010, the media echoed a virus that had managed to infect a nuclear power plant in Iran. This malware, called Stuxnet, slowed down the centrifuges that enriched uranium, increasing the pressure to critical points. The power station had sensors that allowed it to operate valves that released the…

In this other post I talked about passwords and the conditions that must be met to be considered secure. However, if we enter the world's strongest password on an insecure site, an attacker who has access to the database will be able to obtain it no matter how long or complicated it is. The question then arises as to how to securely store the passwords of website users in a database. The answer is that the safest way to do this is not to save them. Instead, a reference to them, i.e. a hash, is stored. To understand this, let's delve deeper into the concept of hash. Hashes and…