Lab 03 - SQL Injection attack, querying the database type and version on Oracle

CTF Security

description

This lab contains a SQL injection vulnerability in the product category filter. You can use a UNION attack to retrieve the results from an injected query.

To solve the lab, display the database version string.

Lab URL https://portswigger.net/web-security/sql-injection/examining-the-database/lab-querying-database-version-oracle

Lab Note and Script https://github.com/ctfsec/portswigger/tree/main/sqlinjection/lab-03

SQL injection Demystified https://youtu.be/AWKGtYIr3Hs

Burpsuite setup for Pentesting https://youtu.be/dJ0lJ63KXek

Web Security SQL Injection playlist https://www.youtube.com/playlist?list=PL-KySkbfyS65YIc32HyM33ae-I-ODntam

Connect with me across various interactive platforms for a dynamic and connected experience.

🔗Discord: https://discord.com/invite/7Kq5hdyJYZ

🔗 Social Media: X (twitter) : @r007User Facebook : https://www.facebook.com/ctfsec

📺 Twitch https://www.twitch.tv/ctfsec

🌐 Website: https://r007us3r.github.io/

🎥 YouTube Channels: https://youtube.com/@ctf-sec

📧 Business Inquiries: ctfsec001@gmail.com

👇 Other Links: https://t.me/+VpUp7BxquVqLSEe5

Support me [+] Buymeacoffee https://paystack.com/pay/r007

#sqlinjection #oracle #database #websecurity #portswigger #cybersecurity #appsec #bypass ... https://www.youtube.com/watch?v=XkcnD4Za8a4

created

2024-07-24

staked

0.0 LBC

license

Copyrighted (contact publisher)

File size

180421072 Bytes