#BugBounty —” Database hacked of India’s Popular Sports company”-Bypassing Host Header to SQL injection to dumping Database — An unusual case of SQL injection.

Cloudfront header
Added X-Forwarded-host header
HTTP 403 Forbidden
Time based SQL Injection in X-Forwarded-Host header
Database Data

More where this came from

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store