SQL Injection Captcha - Manual Intervention Required! - Low Security Level
Solution:
Step 1. Click on here and check if any changes are observed - No changes seen.Step
2. Click on Reload button and check if any visible changes are seen - Captcha changes
Step 3. Lets give Captcha as an input and click on Proceed. New page is loaded. Notice the url has been changed. Lesson Page url - http://10.0.2.4/bWAPP/manual_interv.php After giving Captcha url - http://10.0.2.4/bWAPP/sqli_9.php
Step 4. Give ' as an input and click on Search button. Check the Error.
Step 5. Use the below mentioned payload in the text box and click on Search button.
Payload:
'or'1'='1
0' union select all 1, concat(id,login),password,email,secret,6,7 from users #;
* Explore lesson with other payloads.
PseudoTime
