#BugBounty — “Database hacked of India’s Popular Sports company” - Bypassing Host Header to SQL injection to dumping Database — An unusual case of SQL injection.

Cloudfront header
Added X-Forwarded-Host header
HTTP 403 Forbidden
Time based SQL Injection in X-Forwarded-Host header
Database Data


Security Engineer @Microsoft | DevSecOps | Speaker | Breaking stuff to learn | Featured in Forbes, BBC| Acknowledged by Google, NASA, Yahoo, UN etc

Avinash Jain (@logicbomb)
