ITPUB

Mar 22, 2016 · Information Security

Exploiting a Rare MSSQL Blind Injection via @@LANGID and @@TEXTSIZE

The author details a seldom‑seen MSSQL blind injection discovered during a Google bounty, explaining why automated scanners failed, how manual testing with @@LANGID and @@TEXTSIZE revealed the flaw, and the proof‑of‑concept steps that ultimately earned a reward.