Web Security Academy ~ SQLi (Lab #3) ⚙️
When an application is vulnerable to SQL injection and the results of the query are returned within the application's responses, the UNION keyword can be used to retrieve data from other tables within the database. This results in a SQL injection UNION attack.
When performing a SQL injection UNION attack, there are two effective methods to determine how many columns are being returned from the original query.
The first method involves injecting a series of ORDER BY clauses and incrementing the specified column index until an error occurs.
The second method involves submitting a series of UNION SELECT payloads, each specifying a different number of NULL values:
' UNION SELECT NULL--
' UNION SELECT NULL,NULL--
' UNION SELECT NULL,NULL,NULL--
💙💙💙💙💙💙💙💙💙💙💙💙
FREE CYBER SECURITY LEARNING RESOURCES :
The Cyber Mentor --- https://academy.tcm-sec.com
Nathan House --- https://www.stationx.net
John Hammond --- https://johnhammond.org
Loi Liang --- https://loiliangyang.com
HackerSploit --- https://hackersploit.org
David Bombal --- https://davidbombal.com
Professor Messer --- https://www.professormesser.com
w3schools --- https://www.w3schools.com
#hacktolearn #websecurityacademy #unionselect #sqli
Web Security Academy ~ SQLi (Lab #2) ⚙️
If the query returns the details of a user, then the login is successful. Otherwise, it is rejected.
In this lab an attacker can log in as any user without a password simply by using the SQL comment sequence -- (double-dash) to remove the password check from the WHERE clause of the query.
Submitting the username administrator'-- together with an empty password results in the following query:
SELECT * FROM users WHERE username = 'administrator'--' AND password = ''
Because the password check comes after the comment sequence (double-dash), it is ignored.
This query returns the user whose username is administrator and successfully logs the attacker in as that user.
#hacktolearn #websecurityacademy #sqli #commentsequence #doubledash
Web Security Academy ~ SQLi (Lab #1) ⚙️
This lab contains a SQL injection vulnerability in the product category filter.
When the user selects a category, the application carries out a SQL query like the following:
SELECT * FROM products WHERE category = 'Gifts' AND released = 1
To solve the lab, perform a SQL injection attack that causes the application to display details of all products in any category, both released and unreleased.
Follow along with this video to learn how to SQL inject the application.
Links from video
W3Schools URL Encoding
- https://www.w3schools.com/tags/ref_ur...
#hacktolearn #portswigger #burpsuite #portswiggeracademy
TryHackMe Lazy Admin 🥱
This is a beginner-level Capture The Flag (CTF).
This room will teach you the beginner methodology and mindset required to become an ethical hacker.
This room teaches:
* reconnaissance
* finding hidden directories
* getting a shell on the target
* escalating your privileges to root on the target machine
Follow along to learn more!
#hacktolearn #tryhackmelazyadmin #ethicalhacking
TryHackMe Simple CTF 🏴☠️
This is a beginner-level Capture The Flag (CTF).
Learn how to do reconnaissance on a target, get a shell on the target, plus escalate your privileges to root on the target system.
Follow along with this video to learn more.
#hacktolearn #tryhackme #tryhackmesimplectf
TryHackMe Root Me √
This is a beginner-friendly CTF challenge.
This room will teach you the following skills:
* reconnaissance
* getting a shell
* privilege escalation
Follow along with this video to learn more.
#hacktolearn #tryhackme #tryhackmerootme #rootme
TryHackMe Learning Cyber Security
This is a beginner-level walkthrough of the TryHackMe room Learning Cyber Security.
Get a short introduction to a few of the security topics you'll be learning about:
* Why is Web Application Security so important?
* Why is Network Security crucial to understanding ethical hacking?
#hacktolearn #tryhackme #learningcybersecurity
TryHackMe Intro to Offensive Security
Hack your first website (legally in a safe environment) and experience an ethical hacker's job.
#hacktolearn #introtooffensivesecurity #tryhackme
TryHackMe Careers in Cyber 💻
Learn about the various options/career paths you can channel your studies toward.
What Cyber Security role are you interested in? Check this video out for some suggestions, channels, etc. to get you into Cyber Security.
Cyber Security careers are increasingly in demand and offer lucrative salaries. There are many different jobs within the security industry, from offensive pentesting (hacking machines and reporting on vulnerabilities) to defensive security (defending against and investigating cyber attacks).
Follow along with this video to learn more! 💻
#hacktolearn #tryhackme #tryhackmecareersincyber #beginnercybersecurity
TryHackMe Junior Security Analyst Intro
Understand the job responsibilities of a Junior (Associate) Security Analyst, a.k.a. SOC Analyst.
Allow me to show you what a day in the life of a Junior Security Analyst looks like and why this is an exciting career path.
Play through a day in the life of a Junior Security Analyst, their responsibilities, and the qualifications needed to land a role as an analyst.
Follow along with this video to learn more about SOC Analysts.
#hacktolearn #tryhackmejuniorsecurityanalystintro #soclevel1 #socanalyst