Burp Suite/SQL Injection: Difference between revisions
From charlesreid1
| Line 3: | Line 3: | ||
==Burp Suite Training Labs== | ==Burp Suite Training Labs== | ||
Lab: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data | Lab 1: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data | ||
* https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data | * https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data | ||
* https://www.youtube.com/watch?v=alTceRdSxS0 | * https://www.youtube.com/watch?v=alTceRdSxS0 | ||
| Line 10: | Line 10: | ||
Lab: SQL injection vulnerability allowing login bypass | Lab 2: SQL injection vulnerability allowing login bypass | ||
* https://portswigger.net/web-security/sql-injection/lab-login-bypass | * https://portswigger.net/web-security/sql-injection/lab-login-bypass | ||
* https://www.youtube.com/watch?v=ML3aGaloczI | * https://www.youtube.com/watch?v=ML3aGaloczI | ||
| Line 17: | Line 17: | ||
* single quotes raising internal errors are a sign of [[SQL Injection]] vulnerability | * single quotes raising internal errors are a sign of [[SQL Injection]] vulnerability | ||
* if at first you don't succeed, try, try again: admin, administrator, etc etc etc | * if at first you don't succeed, try, try again: admin, administrator, etc etc etc | ||
* https://www.youtube.com/watch?v=fMPvCyD2v4w | |||
* This is another version of the same lab, but using the Python requests library | |||
Revision as of 16:14, 21 May 2023
This page covers how to perform SQL Injection attacks with Burp Suite.
Burp Suite Training Labs
Lab 1: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
- https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data
- https://www.youtube.com/watch?v=alTceRdSxS0
- lab doesn't require burp suite, just tinkering with URL parameters
- single quotes raising internal errors are a sign of SQL Injection vulnerability
Lab 2: SQL injection vulnerability allowing login bypass
- https://portswigger.net/web-security/sql-injection/lab-login-bypass
- https://www.youtube.com/watch?v=ML3aGaloczI
- lab doesn't require burp suite, just feeding SQL queries into login form
- guessing
SELECT firstname FROM users WHERE username='admin' AND password='admin' - single quotes raising internal errors are a sign of SQL Injection vulnerability
- if at first you don't succeed, try, try again: admin, administrator, etc etc etc
- https://www.youtube.com/watch?v=fMPvCyD2v4w
- This is another version of the same lab, but using the Python requests library