  • Blind vulnerabilities?

    Posted by Anthony on July 8, 2021 at 1:06 pm

    Would it be best to focus on the blind sections of SQLi and OS Command Injections in this ongoing rat race in bug hunting?

  • 2 Replies
  • Christophe

    Administrator
    July 13, 2021 at 9:48 pm

    Blind injections can be pretty tricky to pull off but they can also be quite rewarding. I’ve chatted with some bounty hunters who’ve been quite successful but who have never found a blind injection in the wild (mostly from not focusing on that much though I think)…so, could be a good area to focus on, but I’d expect a bit of a challenge!

    • Anthony

      Member
      July 14, 2021 at 12:47 pm

      Well, I have yet to earn a vulnerability in 13 months; calling this a challenge is an understatement. There is one other person I follow, the XSS Rat. He recommended going after the blind versions of each vulnerability, since they are of course harder, but not everyone is going after them and would rather go after the low-hanging fruit.