Hibernate injection - HQL injection exploitation.

Hibernate injection – HQL injection exploitation.

Some tricks how to exploit HQL injection as blind SQL injection for different DBMSs.

HQLI Injection server Demo

HQLI Injection server Demo. Support platform on Wndows x86 and x64

File:
+ hqli_sql_server_demo.pl – PoC script for exploiting HQLi in MS SQL Server RDBMS

Requirements:
– cpan perl
– Module URI::Encode | install module; cpan URI::Encode

hqli_sql_server_demo.pl Script:

Source: https://github.com/0ang3el