Category
HTTP
Protocol-level and SQL injection techniques — HTTP/3 services, operator-precedence SQLi, boolean-blind extraction, UNION-based session forging, and replay-driven SSRF.
Notes
5 total
Boolean Blind SQLi / Targeted Extraction
Extract data one bit at a time through success/failure, timing, or response-shape differences when full results aren't reflected.
Hybrid Session State via UNION SELECT
Forge a result row that mixes your stable identifiers with the victim's high-value attributes when the app trusts the row wholesale.
POST Replay / Cache Turning into Internal GET SSRF
Abuse replay systems and scheduled fetchers as hidden SSRF surfaces where a stored external POST becomes a privileged internal GET.
Service Hidden Behind HTTP/3 / QUIC
Reach a service that is intentionally only available over QUIC/HTTP3 even though a normal TCP HTTP probe looks dead.
SQLi where AND / OR Precedence Matters
Bias row selection in injectable login queries by reasoning about AND/OR precedence instead of blindly appending OR 1=1.