Lab 05 - Part 1: Manual Exploitation to Dump Usernames & Passwords from PostgreSQL Database

In this video, we dive into Lab 05 of the PortSwigger series, demonstrating how to use SQL Injection to extract usernames and passwords from a PostgreSQL database. Follow along as we break down each step in the process

Lab 05 - Part 2: Python Scripting https://youtu.be/v9xGACPkFCw

SQL injection Demystified https://youtu.be/AWKGtYIr3Hs

Burpsuite setup for Pentesting https://youtu.be/dJ0lJ63KXek

Web Security SQL Injection playlist https://www.youtube.com/playlist?list=PL-KySkbfyS65YIc32HyM33ae-I-ODntam

Resources https://portswigger.net/web-security/sql-injection/cheat-sheet

https://swisskyrepo.github.io/PayloadsAllTheThings/SQL%20Injection/PostgreSQL%20Injection/

https://portswigger.net/web-security/sql-injection/union-attacks

https://tib3rius.com/sqli.html

https://github.com/ctfsec/portswigger/

Connect with me across various interactive platforms for a dynamic and connected experience.

🔗Discord: https://discord.com/invite/7Kq5hdyJYZ

🔗 Social Media: X (twitter) : @r007User Facebook : https://www.facebook.com/ctfsec

📺 Twitch https://www.twitch.tv/ctfsec

🌐 Website: https://r007us3r.github.io/

🎥 YouTube Channels: https://youtube.com/@ctf-sec

📧 Business Inquiries: ctfsec001@gmail.com

👇 Other Links: https://t.me/+VpUp7BxquVqLSEe5

Support me [+] Buymeacoffee https://paystack.com/pay/r007

#sqlinjection #postgresql #sqli #microsoft #database #websecurity #portswigger #cybersecurity #appsec #bypass #ctfsecurity #ctfsec

00:00 Intro 00:49 Understanding lab objectives 05:05 PostgreSQL Injection resources 07:17 Testing for SQLi 07:43 Determine numbers of columns required 10:53 Check Columns data type 13:26 Get Database version and type 18:49 List Databases 22:02 List Database tables 24:50 List Database table columns 27:48 Extract data from Database table 32:38 Login as administrator ... https://www.youtube.com/watch?v=qtjleHoaO-Y