Bypass a Cloud Proxy Firewall (Sucuri or Cloudflare)

August 20, 2016January 19, 2017 makman PHP, SQL Injection

First, I would like to thank Osanda Malith for the encouragement to make this piece. Check his blog for some super cool InfoSec research. Introduction Most of us already know that we can bypass Sucuri or Cloudflare (Firewall Proxy) by finding the real IP address of the web server. But, What if there are multiple […]

[Without Quotes] String Based SQL Injection

October 15, 2015July 3, 2016 makman SQL Injection

Today, I’m going to discuss a special case of string based SQL injection where you can perform the injection without the use of quotes. You heard it right, absolutely no quotes at all in string based injections. This may come in handy if the quotes are blocked. This may not work everywhere but I actually […]