SQL Injections

Hi, and welcome to this new video! In this video I introduce one of the most famous vulnerabily in the context of Web Exploitation, namely SQL injections. In particular we will talk about databases and the SQL language, then we will discuss about programming languages, interpreters, and the main idea behind injections vulnerabilities, and finally we will see two practical examples of SQL injections, one taken from DVWA, and the other from SecureBank, two applications written with the intent to be vulnerable. If you're interested in more videos of the series or if you have any feedback, please let me know! ------------------------- TIMESTAMP 00:00 Introduction 03:15 Databases and Structured Query Language (SQL) 16:40 Simple queries 22:30 Interpreters 27:15 Injections 30:42 Example 1 – PHP Snippet 38:30 Example 2 – DVWA easy 50:10 Example 3 – DVWA medium 53:44 Example 4 – SecureBank ------------------------- REFERENCES - Material: https://github.com/LeonardoE95/yt-en/tree/main/src/2024-03-03-web-exploitation-sql-injections - SecureBank: https://github.com/ssrdio/SecureBank - DVWA code: https://github.com/LeonardoE95/DVWA - BurpSuite Community Edition: https://portswigger.net/burp/communitydownload - Icon for thumbnail: https://www.flaticon.com/free-icons/vaccine ------------------------- CONTACTS - Blog: https://blog.leonardotamiano.xyz/ - Github: https://github.com/LeonardoE95?tab=repositories - Support: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ