Burp Suite/SQL Injection: Difference between revisions
From charlesreid1
| Line 35: | Line 35: | ||
* https://portswigger.net/web-security/sql-injection/union-attacks/lab-determine-number-of-columns | * https://portswigger.net/web-security/sql-injection/union-attacks/lab-determine-number-of-columns | ||
* this page covers a ton of information: [[SQL Injection/UNION Attack]] | * this page covers a ton of information: [[SQL Injection/UNION Attack]] | ||
* guide: https://www.youtube.com/watch?v=umXGHbEyW5I | |||
Lab 4: SQL injection UNION attack, finding a column containing text | Lab 4: SQL injection UNION attack, finding a column containing text | ||
* https://portswigger.net/web-security/sql-injection/union-attacks/lab-find-column-containing-text | * https://portswigger.net/web-security/sql-injection/union-attacks/lab-find-column-containing-text | ||
* https://www.youtube.com/watch?v=SGBTC5D7DTs | * guide: https://www.youtube.com/watch?v=SGBTC5D7DTs | ||
Lab 5: SQL injection UNION attack, retrieving data from other tables | Lab 5: SQL injection UNION attack, retrieving data from other tables | ||
* https://portswigger.net/web-security/sql-injection/union-attacks/lab-retrieve-data-from-other-tables | * https://portswigger.net/web-security/sql-injection/union-attacks/lab-retrieve-data-from-other-tables | ||
* https://www.youtube.com/watch?v=6Dsj5SqR944 | * guide: https://www.youtube.com/watch?v=6Dsj5SqR944 | ||
Lab 6: SQL injection UNION attack, retrieving multiple values in a single column | Lab 6: SQL injection UNION attack, retrieving multiple values in a single column | ||
* https://portswigger.net/web-security/sql-injection/union-attacks/lab-retrieve-multiple-values-in-single-column | * https://portswigger.net/web-security/sql-injection/union-attacks/lab-retrieve-multiple-values-in-single-column | ||
* https://www.youtube.com/watch?v=yRVYoqR9vrI | * guide: https://www.youtube.com/watch?v=yRVYoqR9vrI | ||
Revision as of 16:43, 21 May 2023
This page covers how to perform SQL injection attacks with Burp Suite.
Burp Suite Training
SQL Injection Labs
Main article: SQL Injection
https://portswigger.net/web-security/sql-injection
Lab 1: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
- https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data
- https://www.youtube.com/watch?v=alTceRdSxS0
- lab doesn't require burp suite, just tinkering with URL parameters
- single quotes raising internal errors are a sign of SQL Injection vulnerability
Lab 2: SQL injection vulnerability allowing login bypass
- https://portswigger.net/web-security/sql-injection/lab-login-bypass
- https://www.youtube.com/watch?v=ML3aGaloczI
- lab doesn't require burp suite, just feeding SQL queries into login form
- guessing
SELECT firstname FROM users WHERE username='admin' AND password='admin' - single quotes raising internal errors are a sign of SQL Injection vulnerability
- if at first you don't succeed, try, try again: admin, administrator, etc etc etc
- https://www.youtube.com/watch?v=fMPvCyD2v4w
- This is another version of the same lab, but using the Python requests library
SQL Injection UNION Attacks
Main article: SQL Injection/UNION Attack
https://portswigger.net/web-security/sql-injection/union-attacks
Lab 3: SQL injection UNION attack, determining the number of columns returned by the query
- https://portswigger.net/web-security/sql-injection/union-attacks/lab-determine-number-of-columns
- this page covers a ton of information: SQL Injection/UNION Attack
- guide: https://www.youtube.com/watch?v=umXGHbEyW5I
Lab 4: SQL injection UNION attack, finding a column containing text
- https://portswigger.net/web-security/sql-injection/union-attacks/lab-find-column-containing-text
- guide: https://www.youtube.com/watch?v=SGBTC5D7DTs
Lab 5: SQL injection UNION attack, retrieving data from other tables
- https://portswigger.net/web-security/sql-injection/union-attacks/lab-retrieve-data-from-other-tables
- guide: https://www.youtube.com/watch?v=6Dsj5SqR944
Lab 6: SQL injection UNION attack, retrieving multiple values in a single column