Welcome to the second tutorial of the "SQL Injection - The Old School Way" series!
This hands-on series is perfect for anyone looking to understand the fundamentals of SQLi, from crafting queries to manipulating databases for data extraction.
In this video, we’ll talk about more SQL injection detection and exploitation techniques, combined with a basic research methodology to uncover new payloads that can help in WAF evasion.
Timestamps
00:00 Start
01:56 Authentication bypass - Union based
04:36 Error based Injection
06:16 Exploitation using extractvalue
08:07 Other Error-based injection payloads
08:28 WAF and other Concerns
10:00 Testing the WAF
11:43 Basic DB functions research
14:07 Evading the WAF
15:48 Boolean based injection
18:30 Exploitation using substring + ord
24:47 Automating Blind SQLi exploitation
26:45 What should you do next?
Challenges to solve are:
- SQL - Error based
- Boolean based injection
and can be found at https://cyard.0x4148.com/
Vulnerable lims app to play around with: https://livelabs.0x4148.com/lims
Service I used to test SQL queries: https://sqlfiddle.com/
Writeup for the previous challenge by n0pTeX: https://medium.com/@n0pTeX/sql-injection-breaking-in-01-https-cyard-0x4148-com-c38172ec375c
If you have any feedback, reach out to me at
https://www.facebook.com/xor.0x4148/
or
https://x.com/0x4148