What is HQL?

HQL stands for Hibernate Query Language, and it is tied to the Hibernate ORM (http://hibernate.org/orm/). From a SQL injector's point of view there is nothing new in it. Here are some useful links for understanding HQL and HQL injection:

HQLMap Tool
https://github.com/PaulSec/HQLmap

Vulnerable Environment
https://github.com/continuumsecurity/RopeyTasks/

Manual Injection
http://blog.h3xstream.com/2014/02/hql-for-pentesters.html

HQL
http://docs.jboss.org/hibernate/orm/3.3/reference/en/html/queryhql.html
http://www.tutorialspoint.com/hibernate/hibernate_query_language.htm
