SQL Injection - Lab #1 SQL injection vulnerability in WHERE clause allowing retrieval of hidden data

Views: 68,875

Rana Khalil

1 day ago

In this video, we cover Lab #1 in the SQL injection track of the Web Security Academy. This lab contains an SQL injection vulnerability in the product category filter. To solve the lab, we perform a SQL injection attack that causes the application to display details of all products in any category, both released and unreleased.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: academy.ranakhalil.com/p/web-...
▬ Contents of this video ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
01:22 - Lab #1 SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
02:10 - Understand the exercise and make notes about what is required to solve it
03:32 - Exploit the lab manually
11:57 - Script the exploit
28:47 - Summary
29:07 - Thank You
▬ Links ▬▬▬▬▬▬▬▬▬▬
SQL injection Theory video (previous video): • SQL Injection | Comple...
Python script: github.com/rkhal101/Web-Secur...
Notes.txt document: github.com/rkhal101/Web-Secur...
Web Security Academy KZbin Video Series Release Schedule: docs.google.com/spreadsheets/...
Web Security Academy: portswigger.net/web-security
Rana's Twitter account: / rana__khalil

Comments: 121
@RanaKhalil101 2 years ago
Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
@Dj-jh3dy 1 year ago
What are the prerequisites for this course? Can you suggest some learning to do before doing this series, because I see Python coding in the second part of the video.
@anputhegod246 3 years ago
I love how she teaches. There are not that many good teachers in cyber security who will take their time and go step by step through the process of what is going on in coding or troubleshooting to gain control with certain tools. I salute her and her patience with us all. She is one of my favorites, like Heath Adams (Cyber Mentor), John Hammond, InsiderPhD Katie, the IT Security Labs guy, Tib3rius, STOK and Nahamsec.
@whatever32135 3 years ago
This series is great. And I really appreciate the scripting section.
@jackschwimmer7455 3 years ago
I've seen many tutorials and even paid courses that don't come even close to the quality of this video. Thanks for sharing this for people who are just starting out. Really appreciated.
@afsarriyan7395 3 years ago
IMO, this is the best approach!! Programming is an inevitable skill for a successful pentest career. Nailed it!! Very much excited for the rest of the series.
@charlesvijayanand 3 years ago
Perfectly explained! I don't think this can be explained better than this one. Thanks.
@thientrinh1618 1 year ago
This series is very helpful, it is an exciting course, and this is what I need. Many thanks.
@oscarromero1007 3 years ago
Thank you for the videos, they are wonderful!! And the explanation of how to write the scripts in Python is great, thank you very much.
@mostafasayed2783 6 months ago
May Allah reward you with good, benefit you, and increase you from His bounty in this world and the next, God willing.
@SumanthRao-gj5zk 3 years ago
I was struggling for a long time to find a video like this. Thanks.
@dr14n-1v9 1 month ago
I started learning the PortSwigger labs and I found this vid extremely helpful. Tysm for making this content ❤
@chung_myung. 3 years ago
I found your channel today, the way you explain is awesome 😍😍😍. Thank you for explaining so clearly, ma'am. Please make more videos on different topics too, ma'am 😅
@aryan_shorts812 1 year ago
The art of automating the attack is stunning 🎉
@vijayshreenivos9417 3 years ago
I watch @ippsec tutorials for my lunch & learn skills development; now your videos will become the secret sauce for my documentation and scripting technique. Excellent work, looking forward to seeing more.
@s7rix894 3 years ago
You're a pro! Good job and thanks for the video.
@ameerhamza4017 3 years ago
100 percent as per my demand.... thanks... Dear viewer, don't forget to share this amazing video, and give her positive feedback for her hard work.
@maheeadnan3610 1 year ago
Thank you for these videos. I appreciate the way you teach us.
@janricmalate6793 3 years ago
Very well said. I learned a lot, looking forward to your future content 😁. Thank you ♥️
@sakshamdoshi9064 1 year ago
You belong to the people we subscribe to after getting impressed; well deserved.
@joaquimmenezes7396 3 years ago
Definitely loved your content, would like more videos on other topics on PortSwigger.
@sandunifernando8191 3 years ago
This is great. I don't have enough words to thank you. You saved me. Excited for the rest of the series.
@0xfsec 3 years ago
MashaaAllah, great video.. I love the section on writing the exploit with Python.
@tamilincognito9291 3 years ago
Your content is also very useful. Upload more videos, we support your videos.
@mukoshmanob9240 3 years ago
Nice speech. Keep it up, ma'am, and give us more information.
@algorithm3317 3 years ago
Thanks for all the awesome content! God bless.
@Philippe3556 9 months ago
Great video! Thank you!
@saeedlafi7888 1 year ago
May God give you strength, your explanation is legendary.
@ayodub 3 years ago
@14:00 is really cool. I've made a bunch of web fuzzers in Python, but have never seen the proxy thing done.
@johndudde7618 3 years ago
Awesome! Thank you for sharing this tutorial!
@kashyapsugandh7319 9 months ago
Thank you so much for the amazing video Rana! Had to ask, what extension did you use in VS Code?
@raghuveern666 3 years ago
Thoroughly enjoyed learning from your vids...
@watchandgainknowledge 3 years ago
What, what, what an amazing explanation you've given us, free of cost.... I hope you'll not make these videos *Private/OnlyMe*.
@Pr4547h 3 years ago
Hi madam, your way of teaching is awesome..!! (Theory, practical & scripting.) Happy Women's Day 🎉❤️🙏
@RanaKhalil101 3 years ago
Thanks!
@SangharshSeth 3 years ago
Great video. On top of that, scripting the attack made the exploit even more clear. I just have one question. When you wrote the script for the attack, for checking if it's successful you used something which we got from manually exploiting the app, i.e. the Cat string. Can you give another method to check the attack when we have not manually found the result? Hope my doubt was clear. Again, thanks for the video.
@prisonmike8681 1 year ago
Best pen testing course ever!
@Cruisin_In_Comfort 2 years ago
Great content. How come you do not use the browser built into Burp? Is there a reason to use FoxyProxy instead?
@noureldinehab2686 3 years ago
Excited for that 💙
@dxsp1d3r 3 years ago
Nice initiative Rana Khalil
@_CryptoCat 3 years ago
Great vid Rana, keep it up! :)
@gyangaha109 3 years ago
Great appreciation
@surojitmaity2397 1 year ago
Perfect explanation!
@Car17138 2 years ago
Amazing video, I like your coding skill, ma'am.
@HCMSainacr 3 years ago
😔 very thankful, may you be blessed
@rodrigoa.cascao1553 1 year ago
Very good!
@saivaste9686 7 months ago
Just a small query. Since we were able to add the payload in the browser itself, which showed that there is something called "Cat Grin", which we used as the payload. But in real life, we won't be able to get those. In such cases, what would be our key in place of Cat Grin? Awaiting your revert.
@eclipseinsight 3 years ago
Eagerly waiting for this...
@Mike01010011 3 years ago
Me too
@saichandtadepalli9154 3 years ago
Amazing explanation
@jacobsamuel4092 1 year ago
This is great work
@kusharora1435 2 years ago
This is super awesome.. and exactly what I needed. Thank you so much, Rana.. you are a gem.
@bobbychase5616 3 years ago
I'm ready to learn!
@archakpramanik1226 3 years ago
Plz make a detailed video on sensitive information disclosure.
@rahulbhichher2478 3 years ago
Thank you for this great playlist on SQLi... Waiting for more. ❤️
@PeretRed 3 years ago
Great content!
@wadallace 1 year ago
Really great video - thank you for taking the time to share this with us. The question I have is related to the scripting. In theory, the point of scripting would be to automate the process instead of doing it manually. As you wouldn't know there was a hidden product for the Cheshire Cat unless you had already succeeded in the injection, I'm confused as to why we would add that to the script that's supposed to tell us whether or not the injection was successful. How would we write a script that tells us if it's successful or not without already having that information?
@IAmScarab 1 year ago
Same observation and question myself.
@mynameisrezza 10 months ago
Maybe I'd rather use sqlmap :)
@giftonpaulimmanuel146 1 year ago
Congrats on 30k
@yassers1893 3 years ago
Helpful, thank you
@danweinman6999 3 years ago
Thank you for the informative content. What note-taking and windowing/terminal app were you using?
@RanaKhalil101 3 years ago
Visual Studio
@RanaKhalil101 3 years ago
Hi everyone! I would really appreciate it if you could fill out the following feedback form after watching the video: bit.ly/38g0SdZ. Thank you!
@ahmedelnaas2730 1 year ago
Thanks Rana
@dgk0 3 years ago
This is a great video. Could this go any quicker tho.. at this pace.. it'll take more than two years to finish the labs.
@brahimchebli7781 3 years ago
Thanks from Morocco.
@panachaiboonyoo1553 1 year ago
Thank you
@surojitmaity2397 1 year ago
Hi Rana, I see your whole methodology is very nice. Do you provide any online classes for web pentesting? How can I reach you in case I need some career consultation on cyber security?
@UBHadidas 10 months ago
Good video!
@prisonmike8681 1 year ago
Does anyone know why endless loading happens when I try to perform a similar attack?
@user-rt9uj4rl6n 5 months ago
Hi Rana, that is a great video and helpful, but I have an error and I don't understand the reason. Can you help me?
@gurvirsingh4190 3 years ago
Great, ma'am
@apratimtripathi3403 1 year ago
Being a third person, we will be completely unaware of what is going to be released, so how can we write a script for that? Here you knew that Cat Grin would be there, but you don't know something like that in every case.
@prabhatmishra5667 2 years ago
Can I only run the Python code in Kali Linux? Or is it possible in Windows?
@DheerajKumar-kh1sl 3 years ago
Ma'am, pls make a playlist on other topics too.
@rajneeshkumararya3643 11 months ago
I am getting the concept, and it is beautifully explained, but where can I learn this scripting? This is the only thing I'm lagging on here.
@issarihani 1 year ago
Hello Rana, can you please offer a course for the Python programming that is needed for SQL injection?
@Don-ct7ok 1 year ago
How do I get the terminal to complete the lab?
@armanmulani7453 3 years ago
Love from India
@khai-vq5hn 7 months ago
What VS Code theme is she using?
@dibyarupdas2130 3 years ago
Hi Rana, firstly, great work!! You have explained the things in such an elegant way. I am eagerly waiting for the upcoming videos. But I have one small query though. Since we are finding all the products of all categories, can we not comment out just after select * from products, where it will select all the products? The query: select * from products -- where products = 'gifts/pets' and release = 1. So the query effectively executed by the website will be "select * from products". Please do throw some light on my doubt. Thanks.
@RanaKhalil101 3 years ago
It depends on where the injection point is. The vulnerable parameter in the URL is "category" and whatever gets entered in that field gets inserted in the where clause of the backend query "select * from products where category=". So you need to figure out a way to break out of the category field in the query and add SQL code to reach your end goal. You can't simply comment out the query after the products table (select * from products--) because that's not your injection point and you can't reach that from the category parameter in the URL. Hope that makes sense!
@dibyarupdas2130 3 years ago
@@RanaKhalil101 Thanks, got it. 👍
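Added example (not Rana's script from the video and not the lab's own code): a small sqlite3 model of the query shape described in the reply above, a category value pasted into `select * from products where category = '...' and released = 1`, beside the parameterized version that treats the same input as a plain value. The table, the `released` column name and the product rows are constructed for the demo; the lab's real schema is not shown on this page. The three inputs also show why `'--` alone only removes the release filter for one category, which is the question raised further down the thread.

```python
import sqlite3

# Constructed sample catalogue (not the lab's real data); the "released"
# flag models the lab's hidden/unreleased products.
PRODUCTS = [
    (1, "Cheshire Cat Grin", "Pets", 0),   # unreleased, must stay hidden
    (2, "Dog Leash", "Pets", 1),
    (3, "Gift Card", "Gifts", 1),
]


def make_db() -> sqlite3.Connection:
    """In-memory products table standing in for the lab's backend."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE products (id INTEGER, name TEXT, category TEXT, released INTEGER)"
    )
    conn.executemany("INSERT INTO products VALUES (?, ?, ?, ?)", PRODUCTS)
    return conn


def filter_vulnerable(conn: sqlite3.Connection, category: str) -> list[str]:
    """The pattern the reply describes: the URL's category value is pasted
    into the WHERE clause, so a quote in the input closes the string literal
    and '--' comments out whatever follows (here the 'AND released = 1')."""
    sql = (
        "SELECT name FROM products "
        f"WHERE category = '{category}' AND released = 1"
    )
    return [row[0] for row in conn.execute(sql)]


def filter_safe(conn: sqlite3.Connection, category: str) -> list[str]:
    """Fix: a bound parameter is always a value; the SQL text never changes."""
    sql = "SELECT name FROM products WHERE category = ? AND released = 1"
    return [row[0] for row in conn.execute(sql, (category,))]


def compare(category: str) -> tuple[list[str], list[str]]:
    """Run the same input through both versions on a fresh database."""
    conn = make_db()
    return filter_vulnerable(conn, category), filter_safe(conn, category)


if __name__ == "__main__":
    # "Pets'--" drops the release filter for one category only;
    # "' OR 1=1--" makes the WHERE clause true for every row.
    for value in ["Pets", "Pets'--", "' OR 1=1--"]:
        vuln, safe = compare(value)
        print(f"{value!r:14} vulnerable={vuln} safe={safe}")
```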
@retr0960 1 year ago
Why did we use Cat Grin?
@saurabtharu7252 3 years ago
What's there in r.text in the function exploit_sqli(url, payload)? When I did print(r.text) for troubleshooting, it printed "Not found"; that's why while scripting it always says [-] SQL injection unsuccessful! even though the link and payload are both correct.
@raahilbadiani7289 3 years ago
Do check that you are not using / at the end of the URL that you are passing in the parameter, as that would ultimately send // in the GET request.
@saurabtharu7252 3 years ago
@@raahilbadiani7289 Thank you
@furyisfurious398 1 year ago
Does this code run if we run it through Windows?
@ameerhamza4017 3 years ago
Ma'am, my honest suggestion: please add practical hands-on labs. This will help us a lot. Otherwise the internet is full of theoretical material like slides and PDFs. So kindly focus on core and practical hands-on operations in every Web Security video series. Thanks..... a lot of love and respect...
@RanaKhalil101 3 years ago
I would recommend watching the intro video: kzbin.info/www/bejne/fZWwha2Zo5p5ZsU. It clearly says that there are both theory and lab videos and this video is going to be a lab (practical) video. In fact, the next 16 videos will be lab videos that have practical hands-on exercises.
@sajidalam1989 3 years ago
@@RanaKhalil101 Thank you for your hard work
@ameerhamza4017 3 years ago
@@RanaKhalil101 jazak ALLAH.
@crash9706 3 years ago
You don't recommend using sqlmap? Or will it not help in this situation?
@RanaKhalil101 3 years ago
It definitely does help in this situation. However, using SQLMap is something that is easy to do / learn and that's why in my series I focus on manual exploitation.
@krisharora8774 4 months ago
Ma'am, please make a playlist for Python scripting, please.
@irsyadahmad8627 3 years ago
May I know where to learn Python scripting?
@steveerkel2970 2 years ago
This is such a great explanation, but the video is so blurry I cannot see what you are doing when modifying the URL.
@RanaKhalil101 2 years ago
Go to the Settings icon on the bottom left of the video and make sure the Quality is set to 1080 HD.
@user-sh2jf1en3h 2 years ago
Good job, please zoom in so we can see what you are typing :)
@kylewonglee7724 3 years ago
Doesn't work for me
@gwailou9003 9 months ago
I didn't get the point of the script. It only works when you have already identified the successful injection and how to exploit it.
@gisnebus5600 2 years ago
Don't forget to hydrate!
@uionei9083 2 years ago
I started learning from here, I want to be the best cybersecurity in the world, hehehe
@techboy707 2 months ago
Why is just '-- not enough?
@makkinongeri8604 3 years ago
Salam Aleikum, I am a Muslim from Russia studying for Information Security. I am very happy for this sister and wish her every success.
@Kingdd1os 1 year ago
ALGORITHM
@thecoder7984 2 years ago
14:25
@parthibanakt7090 2 years ago
Scripting section was great
@mistacoolie8481 1 year ago
🎊👍
@muhammadabdullahdilshad8509 23 days ago
I think there was no need for the Python script. I think I am naive that I can't understand why she wrote a Python query for the simple task.
@misterjordijey 2 months ago
Using SQL injection to buy items off commerce sites without paying anything
@ChetaN_07 3 years ago
Hey Rana, can I get your business mail?
@KevoUltimo-jy5ko 10 months ago
yo who tf needs college :))