Skip to content
logo
Red tradecraft
SQL injection: routed
  • Privacy greenhouse
  • Defence blues
  • Purple crossroads
  • Indigo observatory
  • Contact
Initializing search
    • In: Where the falcons and foxes roam
      • A canopy of apple-blossom
        • Field notes from the fragrant branches of web app exploitation
        • Web application attack runbooks
        • Web application attack playbooks
        • Root-me: Orchard foraging
          • Root-Me Web client challenges
          • Root-Me Web server challenges
            • Insecure code management
            • Directory traversal
            • File upload: null byte
            • PHP assert()
            • PHP Filters
            • PHP Register globals
            • JWT Introduction
            • JWT (not) revoked token
            • JWT weak secret
            • Python: Server-side Template Injection Introduction
            • Command injection: filter bypass
            • Java: Server-side Template Injection (SSTI)
            • Local file inclusion
            • Local file inclusion: double encoding
            • PHP preg_replace
            • PHP type juggling
            • SQL injection: authentication
            • SQL injection: string
            • XSLT code execution
            • PHP path truncation
            • PHP serialisation
            • SQL injection: numeric
            • SQL injection: routed
              • Techniques
              • Counter moves
            • SQL truncation
            • XPath injection: authentication
            • SQL injection: time-based
      • Social engineering
      • Where wild boars plough through endpoints
      • Wolverines do not ask for permissions
      • Riches in the ground
      • The device is just the keyring
      • Poking physics with network packets
    • Through: Where the raccoons burrow and rummage
    • Out: Where squirrels swipe the crown jewels
    • Fungolia earthworks
    • Unseen University Power & Light Co.
    • The Scarlet Semaphore
    • Techniques
    • Counter moves

    SQL injection: routed¶

    root-me challenge: SQL Injection - Routed: Find the admin password.

    Using HackTricks Routed SQL injection:

    SQL injection routed

    Techniques¶

    • SQL injection

    • Server-side injection runbook

    Counter moves¶

    SQL injection: routed is what this page works through. Server-side validation and least privilege are what these reduce to. The defensive counterpart is in the blue notes on the application layer as a target.

    2026-06-14 18:23
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7