Yes, I've read countless articles on Google and I'm still having a hard time wrapping my head around it...
Case study one: Using Netsparker I found two critical SQL injection points on a scumbag website that extorts money from open source projects by posting fake "analysis"
- Blind SQL Injection
- Boolean Based SQL Injection
- Bonus: Database has admin privileges
No matter what I try I can't see to replicate the (POST) payloads and create a bd shell.
Anyone want to walk me through and be my mentor? Me luv you long time. And some ETH rewards maybe possible if you're a good teacher