Lab 01 - SQL Injection vulnerability in where clause allowing retrieval of hidden data

CTF Security

description

This lab contains a SQL injection vulnerability in the product category filter. When the user selects a category, To solve the lab, we will perform an SQL injection attack that causes the application to display one or more unreleased products.

Lab Note and Script https://github.com/ctfsec/portswigger/tree/main/sqlinjection/lab-01

SQL injection Demystified https://youtu.be/AWKGtYIr3Hs

Burpsuite setup for Pentesting https://youtu.be/dJ0lJ63KXek

Web Security SQL Injection playlist https://www.youtube.com/playlist?list=PL-KySkbfyS65YIc32HyM33ae-I-ODntam

Connect with me across various interactive platforms for a dynamic and connected experience.

🔗Discord: https://discord.com/invite/7Kq5hdyJYZ

🔗 Social Media: X (twitter) : @r007User Facebook : https://www.facebook.com/ctfsec

📺 Twitch https://www.twitch.tv/ctfsec

🌐 Website: https://r007us3r.github.io/

🎥 YouTube Channels: https://youtube.com/@ctf-sec

📧 Business Inquiries: ctfsec001@gmail.com

👇 Other Links: https://t.me/+VpUp7BxquVqLSEe5

Support me [+] Buymeacoffee https://paystack.com/pay/r007

00:00 Introduction 00:51 Manual SQL Injection Exploitation 10:17 Automated SQLi Attack Scripting (Python)

#sqlinjection #websecurity #portswigger #cybersecurity #appsec ... https://www.youtube.com/watch?v=yNXORFfxGP0

created

2024-07-24

staked

0.0 LBC

license

Copyrighted (contact publisher)

File size

137004739 Bytes