SQL Injection - Lab #6 SQL injection UNION attack, retrieving multiple values in a single column
Рет қаралды 26,314
Күн бұрын
@RanaKhalil101 3 жыл бұрын
Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
@Shahid-qj4nj 3 жыл бұрын
This is the best tutorial I have ever seen. Calm, detailed and nicely done!
@deepakjindal7701 3 жыл бұрын
HI Rana Khalil i want to thank you for making detailed videos of portswigger sql injection labs. It shows hardwork and effort spent on the content making.
@Belthazor85 2 жыл бұрын
So great! I was struggling to understand the concatenation part, thanks for the video!
@balvsmalvs5425 Жыл бұрын
Yet again, we need to come to videos such as these to learn the basics. The site that is asking these questions is trying to pass as beginner friendly and going from the basics, but it just isn't so. You need to have quite some experience already before attempting this, as not enough info is given on site (portswigger). The on site explanations and procedures are generalistic and do not give us enough info on how to address the challenges. And this is coming from someone with a background on databases. I actually know what the commands are doing, how the tables are being queried, etc.
@落珰 Жыл бұрын
You are very good, I also encountered this problem
@Angel_Santiago27 Жыл бұрын
thank you very much Rana! You are ver kind to share your knowledge so thank you so mucho for taking the time for do this amazing video!
@kcinytrewq 2 жыл бұрын
Amazing. I really love your way of teaching.
@落珰 Жыл бұрын
Thanks, I like it first and then watch the video every time
@baluhyajr.913 Жыл бұрын
Thank you. Your tutorial is great. I find it very useful
@leorasharg2533 3 жыл бұрын
thank you Rana this was helpful
@dibayanroy7920 2 жыл бұрын
Loved learning from you. 👍👍👍
@rikitikitaki5919 11 ай бұрын
Hi, could you say me please. Why the first columg is hided ?
@PopMixxMedia 3 жыл бұрын
Please do all the labs
@anonymous6666 2 жыл бұрын
thank you
@user-jh6yv1wh9w Жыл бұрын
I have a question on this video. . . When I try to '+UNION+SELECT+NULL,username||'~'||password+FROM+users-- the answer is out. But I don't know why NULL is front of username. The category table's column number is 2. But I think, UNION SELECT's column number is 3(NULL, username, password). ( On this, order by 3-- is error. So the column number is 2. But I don't understand why is 2... I think (somthing)| username | password (somthing)| admin | admin ... is this wrong..?) Why NULL is front of username?? Why '+UNION+SELECT+username||'~'||password+FROM+users-- is not answer..?? Please help me . . . :(
@La_Muerte_Soy Жыл бұрын
Because you have 2 columns (returned by applying ' ORDER BY 3-- ). The first one is an item ID that is an integer (I guess), and the second one is a string type with the product name, that is the column that you need for compatibility reasons and will allow you concatenate the username and the password. ITEM ID | Product ---------------------------- 1 | Product X NULL | username || password
@duckdickens1576 11 ай бұрын
Thank you for clarification, I was wondering the same@@La_Muerte_Soy
@magotelecom 3 ай бұрын
Thanks very much and you explain very clearly.
Rana Khalil
Рет қаралды 38 М.
Rana Khalil
Рет қаралды 9 М.
Rana Khalil
Рет қаралды 14 М.
Rana Khalil
Рет қаралды 10 М.
Rana Khalil
Рет қаралды 27 М.