Live Hacking: SQL Injection For Beginners (Part 1)

Рет қаралды 132,941

Күн бұрын

Sign up for Snyk for free: snyk.co/techraj
Some useful resources on SQL Injection:
snyk.io/blog/sql-injection-ch...
snyk.io/learn/sql-injection/
snyk.io/blog/sql-injection-or...
DISCLAIMER: The demonstration shown in this video is
performed in a controlled lab setup. This video
is for educational purposes only. You can only
perform penetration testing in your own lab
environment and doing it on any live application
is not allowed and it is a crime unless you are a
professional and have appropriate permissions.
In this video, I demonstrated Error-based SQL Injection and by demonstrating it practically on an intentionally vulnerable application called Juice Shop.
OWASP Juice Shop is probably the most modern and sophisticated insecure web application! It can be used in security trainings, awareness demos, CTFs and as a guinea pig for security tools! Juice Shop encompasses vulnerabilities from the entire OWASP Top Ten along with many other security flaws found in real-world applications!
In this video, we exploit the SQLI vulnerability on Juice Shop
Juice Shop: github.com/bkimminich/juice-shop
You can run juice shop on your computer by simply using Docker (check out the above link to read the instructions on how to do so)
Originally, this video was supposed to contain both Error-based SQLI and Blind SQLI, but since the video is getting very long, I had to split it into two parts. This is part 1 that has the Error-based SQLI demo, the part 2 will have the Blind SQLI demo.
I uploaded part 2 to Odysee (LBRY based app) to support the cause of decentralizing the web. Decentralization means no censorship and content freedom!
Unlike platforms like KZbin (which are biased and controlled by a central authority), decentralized applications are not controlled by any single authority, no one has excessive powers or privileges over these applications, and most importantly they are also open-source so no data theft!
This is why I believe the decentralized web is the future!
Learn more about LBRY (a content-sharing decentralized application): lbry.com/
Watch Part 2 on Odysee: odysee.com/@techraj156:4/sql-...
If you are new to Odysee, you can use my link to signup: odysee.com/$/invite/@techraj1...
Chapters:
0:00 Disclaimer & What are we going to learn in this video?
1:31 About our sponsors - Snyk
5:06 What is SQL?
5:57 What is SQL Injection?
7:06 SQL Injection on Juice Shop
7:37 Install Juice Shop on your PC with Docker
10:22 Exploiting SQL Injection in the Login feature
18:20 Exploiting SQL Injection in the Search feature
34:39 Using SQL Map to automate SQL Injection
39:35 Error based SQLI vs Blind SQLI
40:31 Using Snyk to find and fix SQL Injection bugs
50:31 End of Part 1
Thanks for watching!
SUBSCRIBE FOR MORE VIDEOS!
Join my Discord: / discord
Follow me on Instagram: / teja.techraj
Website: techraj156.com
Blog: blog.techraj156.com

Пікірлер: 264

@TechRaj156 3 жыл бұрын

Watch part 2 on Odysee (LBRY based decentralized content-sharing application): odysee.com/@techraj156:4/sql-injection-part2 Also, check out Snyk: snyk.co/techraj

@bdas8420 3 жыл бұрын

Ok after 50 min

@krish7021 3 жыл бұрын

What is your qualifications

@ayushchampatiray7768 3 жыл бұрын

Would this work in case of a Ajax request where content type is just one string( application/x-www-form-urlencoded)

@falconfire8759 3 жыл бұрын

the quality of his video- 101% KZbin messing with his channel - 2000% result - max 10k viewers :/

@itskiller8012 3 жыл бұрын

True😢😢

@appyviral8753 3 жыл бұрын

Apke comment ko yt ne dekha or video ko thoda boost diya 😀

@singhisking821 2 жыл бұрын

@@appyviral8753 lmao

@hemanthsankaramanchi5320 3 жыл бұрын

Need more content like this.

@Iuffycs 3 жыл бұрын

@📌Pinnedby Tech Raj KZbin okay KZbin Bot

@bertrandfossung1216 3 жыл бұрын

Raj I can't thank you enough for this beautiful and instructive content on SQL injection. I have learned a tone of new things. We need for content like this especially for bug bounty hunting. Thanks bro!!👍🏽🙏🏽

@avijitd22 3 жыл бұрын

Need this types of videos from you

@SinisteR2602 3 жыл бұрын

We want more of these type of videos ! You are doing a great job

@kaustubhpaturi4801 3 жыл бұрын

WE NEED MORE!!

@Abhinav-Bhat 3 жыл бұрын

Good one I would not see any Indian Course But today I am Proud of You Thank You Anna

@harshitsinghGRIND 3 жыл бұрын

was waiting for a long time

@harshitsinghGRIND 3 жыл бұрын

@📌Pinnedby Tech Raj KZbin are you able to see who subscribed you?+ which browser do u love the most?

@bruhhh-__- 3 жыл бұрын

There are many videos on SQL and I have learned but not the complete and it's interesting to learn from your favorite KZbinr

@adminbyseregasoleniyminer4490 3 жыл бұрын

Thanks for watching... +:1-5-1-6-3-9-9-1-9-1-1 Direct feedback 📥

@akshatdasondhi30 2 жыл бұрын

Loved it, need more lessons like this thankyou ❤️🔥

@fitnessbro8442 3 жыл бұрын

Expecting more content like this 🙏🙏🙏

@kurdmajid4874 3 жыл бұрын

Dude thanks a lot man ur vids are really informational

@hrishikeshmahato4071 3 жыл бұрын

Very informative as always ❤

@isha7359 3 жыл бұрын

I didn't knew that sql can be used for this i thought it was usless while learning it in my class😊 But now😍

@NexPlayy 6 ай бұрын

🤣🤣🤣🤣

@vinayakpatil5214 Жыл бұрын

Underated channel...the incredible way of exploitation explaination, hatsoff dude. keep growning bro.

@niveds9090 3 жыл бұрын

Great content. Expecting more content like this.

@HeyAsif 3 жыл бұрын

_Raj_ *Make some great courses please*

@SadTown99 2 жыл бұрын

This channel covers a lot of content that is hard to find accurate information on these days… reminds me of the Wild West internet before everything got nerfed 🤓

@GauravRai 3 жыл бұрын

Most ignored thing in the world : This video's *DISCLAIMER* 😂😂

@techrajassistant7317 3 жыл бұрын

Thanks for your review...... For more information.... contact my recommended broker +1=4=2=3=8=0=1=8=4=0=6 W/H/A/T/S/A/P/P""

@tarunvarma9828 3 жыл бұрын

We need more content like this more

@kspavankrishna 3 жыл бұрын

GREAT VIDEO THANK You FOR MAKING IT

@rastgo4432 3 жыл бұрын

Great tutorial bro , i hope u'll be making more of these cool content . 👏🏻

@priyansh5233 3 жыл бұрын

@📌Pinnedby Tech Raj KZbin Scammer.

@animeloverpakbj8229 3 жыл бұрын

I was just suffering a lot learning SQL injection Thanks a lot 🥺🥺❤️❤️😺

@techrajassistant7317 3 жыл бұрын

Thanks for your review...... For more information.... contact my recommended broker +1=4=2=3=8=0=1=8=4=0=6 W/H/A/T/S/A/P/P""

@khokon_m 3 жыл бұрын

After giving a watch, I downloaded the video. Not sure if youtube removes this one too!

@DataInNutShell 2 жыл бұрын

NICE VIDEO BHAI, liked it alot

@akshayghoghari1821 3 жыл бұрын

very Informative 👍👍

@raahul2813 3 жыл бұрын

Awesome bro

@cyberawm1158 3 жыл бұрын

WoW! I even downloaded this

@rustybolt_ 2 жыл бұрын

Frieking luv u man wonderfull explaination Liked and subbed!

@spy4045 3 жыл бұрын

Dude lot of thanks ❤️ good information

@debashissatpathy5208 3 жыл бұрын

First time I found a very usefull sponser.

@adminbyseregasoleniyminer4490 3 жыл бұрын

✓✓T•E•X•T•M•E✓✓ ✓✓+•1•5•1•6•3•9•9•1•9•1•1✓✓ ✓✓F•O•R•M•O•R•EG•U•I•D•I•A•N•C•E✓✓ A•N•D•I•N•F•O✓✓✓✓✓✓✓✓✓✓

@shivangsaraswat315 3 жыл бұрын

You are doing great work please continue this serie..

@adminbyseregasoleniyminer4490 3 жыл бұрын

@hacker-jd6cq 3 жыл бұрын

Nice buddy thank you

@gopi9368 2 жыл бұрын

Thanks!

@Siddharthtrading 3 жыл бұрын

Want more content like this🔥

@ALLISINONE 3 жыл бұрын

Bro keep it up!

@fluffy280 3 ай бұрын

thank u for the video

@routetosuccess6716 3 жыл бұрын

Wow bro you are great 👌

@shivamanish2280 3 жыл бұрын

Which os should a starter should use windows or linex

@radai. 3 жыл бұрын

Literally I love your English

@techrajassistant7317 3 жыл бұрын

Thanks for your review...... For more information.... contact my recommended broker +1=4=2=3=8=0=1=8=4=0=6 W/H/A/T/S/A/P/P""

@Knuddelfell 3 жыл бұрын

love this

@viresh222 Ай бұрын

Bro this is elite 😮 🎉❤ love from Maharashtra

@ArpanWasti 3 жыл бұрын

Hello, Can you make video on something like Do's and Dont's for newbies who's have just started to learn? Likewise you said on well equipped environment and such stuffs like Is it safe using my personal emails on the Virtual Box or Dual booted linux distros where I practice injection, penetration tests and stuffs? And other common mistakes? Maybe hope I make some sense here. : )

@adminbyseregasoleniyminer4490 3 жыл бұрын

@vasuparmar9963 3 жыл бұрын

Which is best for coding and hacking Windows Or Chromebook.??

@pratheekshetty.m5784 3 жыл бұрын

We can also use google cloud docker right?

@yashu1089 3 жыл бұрын

Good content deer

@FrpKiller 3 жыл бұрын

Great demonstration

@adminbyseregasoleniyminer4490 3 жыл бұрын

@harshog 3 жыл бұрын

Love from you ♥️

@parrotsec2263 3 жыл бұрын

Good Explanation

@adminbyseregasoleniyminer4490 3 жыл бұрын

@sathwikamin9147 3 жыл бұрын

Good one

@tysonghaly4374 3 жыл бұрын

Going to the second half

@EL-sc9on 2 жыл бұрын

Instead logging in as the first user in the database, what do I enter to use ORDER BY RANDOM so I login as a random user

@shyampandey5546 3 жыл бұрын

We need more content related. To ethical hacking raj big fan of yours

@s.kishorekumar8272 3 жыл бұрын

Love you bro

@kshitijkumar9398 3 жыл бұрын

Hi teja. Please make a video for a system that records attendance of students entered in meet,the time they remained. Please make

@_AayushKumar 3 жыл бұрын

Make a video on blind SQL injection

@aniketxcyber2415 3 жыл бұрын

need more

@mamotechnology2368 3 жыл бұрын

thank you sir i appreciate the time that you spent to make this video and to teach us these stuffs i really respect you, hope you can teach us ethical hacking well but not on youtube cause , you know there're some rules in youtube that don't allow to share these things

@LOLIPOP119Jp 3 жыл бұрын

Need more

@pratismithgogoi4028 3 жыл бұрын

🔥🔥🔥🔥🔥more more more

@bahai9706 3 жыл бұрын

10,300th view Lots of love and support from Tripura (North-east)

@adminbyseregasoleniyminer4490 3 жыл бұрын

@laxmikantsaraswat6319 3 жыл бұрын

Part 2🔥🔥🔥🔥🔥bhi aane de jaldi

@ranjannayak7930 3 жыл бұрын

Legends be like: *What is SQL* 😅😂

@Divaaakar 3 жыл бұрын

Structured query language

@ranjannayak7930 3 жыл бұрын

@@Divaaakar yeah 😂

@ranjannayak7930 3 жыл бұрын

@Md golam Mostofa 🤣

@b07x 3 жыл бұрын

It's like a database managing language

@shreayankanjilal 3 жыл бұрын

@Md golam Mostofa It's easier than programing.

@jemilapinto8568 3 жыл бұрын

My friends Facebook id got hacked how we get that id

@pct0679 3 жыл бұрын

Pls Upload 1 video per week

@yasirazam4976 3 жыл бұрын

Bhi aik phone sa dosra phone hack kasy karna hai

@barathkumar588 3 жыл бұрын

Need more videos man...👍

@adminbyseregasoleniyminer4490 3 жыл бұрын

Thanks for watching... +:1-5-1-6-3-9-9-1-9-1-1 Direct feedback 📥

@adarshranjan2935 3 жыл бұрын

Please make a video on how to extract drm key 🔑 from drm url

@KyrieBron Жыл бұрын

Brave man

@ankitshaw1388 3 жыл бұрын

Man You are damn talented ❤️

@ankitshaw1388 3 жыл бұрын

@📌Pinnedby Tech Raj KZbin I Thought You are also from India

@ayushking_01 3 жыл бұрын

@@ankitshaw1388 ha ha its fake

@xen.sky_8674 3 жыл бұрын

man i liek your mic can you add the link in desc?

@gouravunair9822 3 жыл бұрын

Who needs his hacking course??

@MuhammadSheesAli 3 жыл бұрын

Tutorial will start at 5:01

@adminbyseregasoleniyminer4490 3 жыл бұрын

@ALONE-RIDERN160 3 жыл бұрын

Thanks bro 😁

@adminbyseregasoleniyminer4490 3 жыл бұрын

W..H..A...T..S...A..P..P..>< >>>>>>>>>>>>>>>>>>> +••1••5••1••6•• 3••9••9••1••9••1••1••

@gnanendraprasad1830 3 жыл бұрын

Hi bro there an issue for me how can i contact u

@quewellschannel6999 2 жыл бұрын

SNYK same like NMAP?

@kutral99 3 жыл бұрын

Great raj, expecting contents like this.! 👍

@falseloop 3 жыл бұрын

Great Tutorial Teja ;) Have a good day ♥

@yashu1089 3 жыл бұрын

lots of love from Russia

@diksha9926 3 жыл бұрын

Bro can you tell me which headphone you wore?😅

@GoaBeach988 3 жыл бұрын

Tq u

@adminbyseregasoleniyminer4490 3 жыл бұрын

@Himanshu-Fy 3 жыл бұрын

Sir make a video where we can mining in android via command/running python cudo/nanopool code use via in android make a video this goona be good 🔥

@kishanraokumbham5048 3 жыл бұрын

Broo i want resources for learning web security can you plzz help me pointing in right direction I'm confused totally what n where to study and practice plzzxx

@techrajassistant7317 3 жыл бұрын

Thanks for your review...... For more information.... contact my recommended broker +1=4=2=3=8=0=1=8=4=0=6 W/H/A/T/S/A/P/P""