On this occasion I would like to relate step by step another of the injections that I liked the most.

This is a site that came to me from a colleague to test together!

The parameter where the attack is made is used to display a PDF document and it is exactly with this that we guide ourselves to discover how many columns we are going to have for this injection!

We started!

First we have the link

site/ejemplo/parametro=25527

#sql-server #cybersecurity #sql-injection #sql