Erick-Chimal/SQL-Injection

SQL Injection Fundamentals Guide and Video

Description

SQL Injection with HTB Academy/CTF

Languages and Techniques Used

  • Structured Query Language
  • SQL Injection

Environments Used

  • Windows 10
  • Oracle VirtualBox
  • Kali Linux
  • Burp Suite
  • Parrot OS
  • Docker

Cyber Apocalypse 2023 - The Cursed Mission

  • Hack the Box - CTF

Getting an Error:
Using Burp Suite, I am able to gain insight that would normally remain hidden and inaccessible.

Understanding the error:
Knowing that I have access to the underlying error in the SQL syntax, I can experiment with the parameters until I understand exactly what is causing the error. In this case, it appears that double quotation marks " are the cause of the error.

The Payload:
The payload was a simple "OR 1 = 1" condition followed by a comment marker, so everything that came after it in the original query was ignored.
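The error and the payload above, next to the fix, as an added example that is not part of this repository. It assumes an in-memory SQLite database with a constructed `users` table (the CTF's real backend and schema are not shown here) and relies on SQLite's default acceptance of double-quoted string literals to mirror the double-quote context.

```python
import sqlite3

def make_db():
    # Constructed sample data; the CTF's real schema is not shown on the page.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "s3cret"), ("guest", "guest")])
    return db

def login_vulnerable(db, username, password):
    # Input is pasted between double quotes, so a " inside it ends the
    # string early and the rest of the input is parsed as SQL.
    # Assumption: SQLite's default build accepts "..." as a string literal.
    query = ('SELECT username FROM users WHERE username = "' + username
             + '" AND password = "' + password + '"')
    return db.execute(query).fetchall()

def login_parameterized(db, username, password):
    # Placeholders keep the input as data; quotes in it have no SQL meaning.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(query, (username, password)).fetchall()

def attempt(login, db, username, password):
    # Returns the sorted matching usernames, or "SQL error" when the
    # database rejects the statement (the leak seen in the error step).
    try:
        return sorted(row[0] for row in login(db, username, password))
    except sqlite3.OperationalError:
        return "SQL error"

# Constructed inputs: a normal login, a lone quote, and the page's payload shape.
CASES = [("admin", "s3cret"), ('"', "x"), ('" OR 1 = 1 -- ', "x")]

def run_cases():
    db = make_db()
    return [(attempt(login_vulnerable, db, u, p),
             attempt(login_parameterized, db, u, p)) for u, p in CASES]

if __name__ == "__main__":
    for (u, p), (vuln, safe) in zip(CASES, run_cases()):
        print(f"{u!r:20} vulnerable={vuln!r:22} parameterized={safe!r}")
```

The parameterized version returns no rows for both the lone quote and the payload, and it never surfaces a syntax error for a client to observe.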

Results:

HTB Academy

  • SQLI Fundamentals
