SQL Injection - Lab #3 SQLi UNION attack determining the number of columns returned by the query

25,259 views

Rana Khalil


1 day ago

In this video, we cover Lab #3 in the SQL injection track of the Web Security Academy. This lab contains a SQL injection vulnerability in the product filter category field. This vulnerability can be exploited using a UNION attack to retrieve data from other tables. To solve the lab, we perform a SQL injection attack that determines the number of columns being returned by the query. This is the first step of a SQL injection UNION attack. We'll use this technique in subsequent labs to construct the full attack.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: academy.ranakhalil.com/p/web-...
▬ Contents of this video ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
01:36 - Understand the exercise and make notes about what is required to solve it
13:14 - Exploit the lab manually
20:46 - Script the exploit
33:27 - Summary
34:00 - Thank You
▬ Links ▬▬▬▬▬▬▬▬▬▬
SQL injection Lab #2 video (previous video): • SQL Injection - Lab #2...
SQL Injection | Complete Guide (theory video): • SQL Injection | Comple...
Python script: github.com/rkhal101/Web-Secur...
Notes.txt document: github.com/rkhal101/Web-Secur...
Web Security Academy: portswigger.net/web-security
Rana's Twitter account: / rana__khalil
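The description above says the column-count step is the first part of a UNION attack. The following is an added illustration, not code from the video, the linked Python script or the lab, of why that step works and what removes it: it runs the page's `' UNION SELECT NULL,...--` probe against two versions of a product-filter handler over a constructed in-memory SQLite table. The table (three columns), the handler names and the probe loop are all assumptions made for the example. The probe only ever injects a row into the handler that concatenates the category value into the SQL text; the parameterized handler binds the same value as data, so no character filtering is needed for it to be unaffected.

```python
import sqlite3

# Constructed stand-in for the lab's product table (an assumption; the real
# schema is not shown on the page). Its column count, 3, is what the probe
# below is expected to discover on the vulnerable handler.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (name TEXT, category TEXT, price INTEGER)")
    conn.executemany(
        "INSERT INTO products VALUES (?, ?, ?)",
        [("Gift Basket", "Gifts", 30), ("Mug", "Gifts", 10), ("Lamp", "Home", 25)],
    )
    return conn


def filter_vulnerable(conn, category):
    # The category value is spliced into the SQL text, so a quote inside it
    # closes the string literal and whatever follows is parsed as SQL.
    sql = ("SELECT name, category, price FROM products "
           "WHERE category = '" + category + "'")
    return conn.execute(sql).fetchall()


def filter_safe(conn, category):
    # Parameterized query: the value is bound as data and is never parsed as
    # SQL, whichever characters it contains.
    sql = "SELECT name, category, price FROM products WHERE category = ?"
    return conn.execute(sql, (category,)).fetchall()


def find_injected_column_count(conn, query_fn, max_columns=10):
    """Replay the lab's column-count step against a handler.

    A UNION is only accepted when both SELECTs return the same number of
    columns, so the database rejects every probe until the NULL count matches;
    the matching probe contributes an all-NULL row to the result set.  Returns
    that count, or None if no probe ever injected a row (the safe handler).
    """
    for n in range(1, max_columns + 1):
        payload = "Gifts' UNION SELECT " + ",".join(["NULL"] * n) + "--"
        try:
            rows = query_fn(conn, payload)
        except sqlite3.OperationalError:
            # Column-count mismatch: SQLite refuses to execute the UNION.
            continue
        if (None,) * n in rows:
            return n
    return None


if __name__ == "__main__":
    db = make_db()
    print("concatenating handler, injected column count:",
          find_injected_column_count(db, filter_vulnerable))
    print("parameterized handler, injected column count:",
          find_injected_column_count(db, filter_safe))
```

Running the block prints 3 for the concatenating handler and None for the parameterized one. The loop iterates with `range` directly, so there is no counter to reassign by hand; the error branch is the signal the lab has you watch for in the browser, here surfaced as `sqlite3.OperationalError` instead of an HTTP error page.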

Comments: 35
@RanaKhalil101 2 years ago
Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
@yusrashaikh1259 1 year ago
This is by far the most detailed course I have seen on SQL. Love the detailed videos where you explain the scripts. I have never used Python's sys, requests, or urllib3 libraries, but it was sooo easy to understand your code! Thank you!
@boneitch 2 years ago
Thank you so much Rana for your amazing videos! You are really helping me grasp the theory, instead of just repeating the motions. This is truly making me excited to learn again!
@user-ij7nu3og9c 4 months ago
Thank you for all the great content, greetings from France
@mstanford3 1 year ago
Thank you so much for your videos. Not only is your teaching clear and concise, I love that you also show us how to script the solutions using Python 3! You are a great instructor!
@Kinoti9 2 years ago
Wow just wow. You explained it so well Rana, can't wait to get my money up so I can buy the entire course. Amazing work.
@missclaptrap 1 year ago
That was a fantastic video! Thank you for walking through it so in-depth. I also really appreciated the scripting part.
@mostafasayed2783 6 months ago
May God reward you with good, benefit you, and increase you from His bounty in this world and the hereafter, God willing.
@neillyndjee3955 2 years ago
This was so well done and taught!!! Please keep it up :)
@pimentelrobert1 3 years ago
@Rana Khalil - God bless you, what an informative and well prepared, delivered and educative tutorial. You made me feel like I can do this too, I admire your succinctness.
@valentyntukov2390 1 year ago
Thank you, Rana! Impressed a lot with your lessons!!!!!
@luisespinosallanos3142 1 year ago
I literally love you, thank you very much for your efforts
@olusegunadejorin8084 3 years ago
Thank you for your wonderful content, you are wonderful
@tamilincognito9291 3 years ago
Your content is also very useful. Upload more videos, we support your videos.
@an00n38 2 years ago
This helped me out. Thank you
@md_daud 2 years ago
Thank you for quality content!
@edoardottt 3 years ago
So excited 😄😄😄
@mohamedosman957 2 years ago
VERY CLEAR EXPLANATION 👏👏👏👏👏
@nathanzebedee5263 2 years ago
awesome video, thanks!
@rodrigoa.cascao1553 1 year ago
Fantastic!
@UserMS101 1 year ago
I am learning Python coding with the attacks. Can you explain why you did i-1, then i+1, then returned False? Otherwise, thanks for the course, as it is doing a fantastic job of teaching many about different web attacks.
@fusillator 1 year ago
It's just a typo; anyway, it doesn't break the code because the counter is reassigned at every loop iteration.
@sajidalam1989 3 years ago
Thank you Ma'am
@miningrig9236 2 years ago
Great work keep going...
@vaibhavbhatnagar9865 3 years ago
Very good, keep it up.
@gurvirsingh4190 3 years ago
Wonderful
@surojitmaity2397 1 year ago
I have a doubt: why did you put a single quote after Gifts' in Burp? I mean, how is the final query structured?
@yurilsaps 3 years ago
Hello, I'm studying SQL injection, and it seems that every payload needs at least one of these characters: " - , ' , # ". If I filter these on the input, am I 100% safe?
@netclouts 1 year ago
masha Allah
@zautt 1 year ago
What is the point of making this script if sqlmap can do it? (I think)
@siemens_c65 5 months ago
Why don't you use f-strings? They're more convenient.
@kusharora1435 2 years ago
The 'i = i + 1' in the for loop is not required...
@AleemKhan-li3mr 3 years ago
Hello, I am interested in becoming a pen tester, but I don't know where to start. Can you please guide me? P.S. I am a noob.
@aussiein 3 years ago
Hi Aleem, please start by understanding computer networks, operating systems, applications, and basic information security concepts.