avi24k
-
Posts
3 -
Joined
-
Last visited
Posts posted by avi24k
-
-
Hi,
thanks for your reply.
By parsing I meant the database interpret the text () in the file (.txt, .xml, xls) and puts into a table. This table is also view-able using the application (thick-client, non-http). The application itself is written in Delphi and communicates with the database directly (using connection string).
-
Hi All,
I am testing a 2-tier thick client application which has a file upload functionality.
The files are uploaded directly to the database, without any checks on the content and filetype. The database (mssql in this case) parses the file and present it back to the application viewer.
Is there's any way I can abuse this functionality?
Thanks.
Regards,
Avi
Where to learn web application security?
in Security
Posted
There are free courses offered by the newly formed Cybrary group, on their website (https://www.cybrary.it/). Their courses ranges from beginners level to Pro. Below are some example of courses offered by them:
Penetration Testing and Ethical HackingAdvanced Penetration testing
Metasploit
Reverse Engineering