Рет қаралды 25,259
In this video, we cover Lab #3 in the SQL injection track of the Web Security Academy. This lab contains a SQL injection vulnerability in the product filter category field. This vulnerability can be exploited using a UNION attack to retrieve data from other tables. To solve the lab, we perform a SQL injection attack that determines the number of columns that are being returned by the query.This is the first step of a SQL injection UNION attack. We'll use this technique in subsequent labs to construct the full attack.
▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: academy.ranakhalil.com/p/web-...
▬ Contents of this video ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
01:36 - Understand the exercise and make notes about what is required to solve it
13:14 - Exploit the lab manually
20:46 - Script the exploit
33:27 - Summary
34:00 - Thank You
▬ Links ▬▬▬▬▬▬▬▬▬▬
SQL injection Lab #2 video (previous video): • SQL Injection - Lab #2...
SQL Injection | Complete Guide (theory video): • SQL Injection | Comple...
Python script: github.com/rkhal101/Web-Secur...
Notes.txt document: github.com/rkhal101/Web-Secur...
Web Security Academy: portswigger.net/web-security
Rana's Twitter account: / rana__khalil