Skip to content
Study about HQL injection exploitation.
Perl Python
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Readme.md Add files for UNICODE exploitation method May 15, 2016
hibernate.py Add files for UNICODE exploitation method May 15, 2016
hqli_sql_server_demo.pl Fisrt commit Nov 25, 2015
queries.xml Add files for UNICODE exploitation method May 15, 2016

Readme.md

Hibernate injection study

Some tricks on how to exploit HQL injection as blind SQL injection for different DBMSs.

  • hqli_sql_server_demo.pl - PoC script for exploiting HQLi in MS SQL Server RDBMS.
  • hibernate.py - sqlmap tamper script for using UNICODE exploitation technique
  • queries.xml - modified queries.xml for using UNICODE exploitation technique
You can’t perform that action at this time.