websecurity@lists.webappsec.org

The Web Security Mailing List


Web App vulnerable to HQL Injection ?

Paul AMAR
Thu, Feb 13, 2014 9:16 AM

Hi all,

Do you know any Web app vulnerable to HQL Injection ?
I was reading this article
blog.h3xstream.com/2014/02/hql-for-pentesters.html and I wanted to practice
it a bit.
This seems to be really interesting.

Regards,
Paul

Stephen de Vries
Thu, Feb 13, 2014 9:36 AM

On 13 Feb 2014, at 10:16, Paul AMAR <aos.paul@gmail.com> wrote:

> Do you know any Web app vulnerable to HQL Injection ?

Here’s one I wrote and use for internal testing: https://github.com/continuumsecurity/RopeyTasks/ There’s HQL injection in two of the Controllers, e.g.: https://github.com/continuumsecurity/RopeyTasks/blob/master/grails-app/controllers/net/continuumsecurity/ropeytasks/TaskController.groovy

Best to download Grails and run it from there so you can play with the code. If you run: grails war, you can then copy the resulting .war file to any servlet container like Tomcat, Jetty etc.

Disclaimer: this wasn’t really designed for public consumption, just for my internal testing, so it’s not as user friendly as DVWA and other vulnerable apps.

regards,
Stephen
