Robot | Path | Permission |
GoogleBot | / | ✔ |
BingBot | / | ✔ |
BaiduSpider | / | ✔ |
YandexBot | / | ✔ |
Title | Just another |
Description | Neo4j (Cypher graph query language) Justanotherhacker.com is a security blog with an emphasis on technical vulnerabilities and their |
Keywords | N/A |
WebSite | justanotherhacker.com |
Host IP | 198.148.102.34 |
Location | United States |
Site | Rank |
US$306,922
Last updated: 2023-05-07 06:40:04
justanotherhacker.com has Semrush global rank of 34,485,321. justanotherhacker.com has an estimated worth of US$ 306,922, based on its estimated Ads revenue. justanotherhacker.com receives approximately 35,415 unique visitors each day. Its web server is located in United States, with IP address 198.148.102.34. According to SiteAdvisor, justanotherhacker.com is safe to visit. |
Purchase/Sale Value | US$306,922 |
Daily Ads Revenue | US$284 |
Monthly Ads Revenue | US$8,500 |
Yearly Ads Revenue | US$101,993 |
Daily Unique Visitors | 2,361 |
Note: All traffic and earnings values are estimates. |
Host | Type | TTL | Data |
justanotherhacker.com. | A | 793 | IP: 198.148.102.34 |
justanotherhacker.com. | NS | 900 | NS Record: ns2.hover.com. |
justanotherhacker.com. | NS | 900 | NS Record: ns1.hover.com. |
justanotherhacker.com. | MX | 900 | MX Record: 10 mail.justanotherhacker.com. |
justanotherhacker.com. | TXT | 900 | TXT Record: v=spf1 mx a -all |
Just Another Hacker Blog Projects Training Advisories Neo4j (Cypher graph query language) injection By Eldar Marcussen | Permalink I recently came across an injection issue in an app using the Neo4j database for storage. As I had not come across this before and there doesn’t seem to be many posts covering this I thought I would compile a list of syntax that can accomplish most of the common tasks when exploiting query based injection. I used the free sandbox from Neo4j to test these: https://sandbox.neo4j.com/ A simple query should look something like this: MATCH (a :Movie {title: ’Johnny Mnemonic’ }) RETURN a or MATCH (a :Movie ) WHERE a.title = "Johnny Mnemonic" RETURN a or MATCH (a :Movie ) RETURN a LIMIT 20 or MATCH (a :Movie ) RETURN a ORDER BY title Detection Detection of a vulnerable Neo4j query is mostly similar to detecting SQL injection, try using any of the following payloads in the example queries above: ’ " ) int-int (ie: 12-1) int/0 (ie: 12/0) prepend a string like |
HTTP/1.1 200 OK Date: Wed, 27 Oct 2021 12:53:24 GMT Server: Apache/2.4.29 (Ubuntu) Last-Modified: Fri, 09 Apr 2021 04:31:10 GMT ETag: "375d-5bf82a227c598" Accept-Ranges: bytes Content-Length: 14173 Vary: Accept-Encoding Content-Type: text/html |
Domain Name: JUSTANOTHERHACKER.COM Registry Domain ID: 1347475630_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.tucows.com Registrar URL: http://www.tucows.com Updated Date: 2020-12-02T22:06:43Z Creation Date: 2007-12-04T00:23:57Z Registry Expiry Date: 2021-12-04T00:23:57Z Registrar: Tucows Domains Inc. Registrar IANA ID: 69 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited Name Server: NS1.HOVER.COM Name Server: NS2.HOVER.COM DNSSEC: unsigned >>> Last update of whois database: 2021-09-15T09:50:07Z <<< |