Just curious how good the team is with SQL injection attacks? I know moderately big server that's hosting a compromised web application. Only been able to dump the database, but haven't fully rooted it yet. Curious if you buy leaks from people, or if you actually root the server and take it.