Hibernate injection study

Some tricks on how to exploit HQL injection as blind SQL injection for different DBMSs.

hqli_sql_server_demo.pl - PoC script for exploiting HQLi in MS SQL Server RDBMS.
hibernate.py - sqlmap tamper script for using UNICODE exploitation technique
queries.xml - modified queries.xml for using UNICODE exploitation technique

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
Readme.md		Readme.md
hibernate.py		hibernate.py
hqli_sql_server_demo.pl		hqli_sql_server_demo.pl
queries.xml		queries.xml

Provide feedback