Our community has moved to Discord. Join us there!
Cybr.com/Discord
These forums are still up for historical purposes.

Home Page Forums General Discussions Blind vulnerabilites ?

  • Blind vulnerabilites ?

    Posted by Deleted User on July 8, 2021 at 1:06 pm

    Would it be best to focus on the blind sections of SQL I and OS Command Injections in this ongoing rat race in bug hunting ?

    Deleted User replied 3 years, 3 months ago 2 Members · 2 Replies
  • 2 Replies
  • Christophe

    Administrator
    July 13, 2021 at 9:48 pm

    Blind injections can be pretty tricky to pull off but they can also be quite rewarding. I’ve chatted with some bounty hunters who’ve been quite successful but who have never found a blind injection in the wild (mostly from not focusing on that much though I think)…so, could be a good area to focus on, but I’d expect a bit of a challenge!

    • Deleted User

      Deleted User
      July 14, 2021 at 12:47 pm

      Well i have yet to earn a vulnerability in 13 months, calling this a challenge is a understatement. There is one other person i follow the XSS Rat, he recommended going after the Blind versions of each vulnerability since they are of course harder but not everyone is going after and would rather go after the low-hanging fruit.

Log in to reply.