July 2018
Beginner
564 pages
12h 22m
English
Content preview from Learn Ethical Hacking from Scratch
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Discovering an SQLi using the GET method
Now we will study an SQLi in a different file, on a different page, and see a few different things that we can do to exploit that vulnerability. So, first, go to the login page, which is in OWASP Top 10 | A1-Injection | SQL-Extract Data | User Info:
In the previous section, we went to the login page by clicking on the Login/Register option on the page; this time we're going to go through the User Info page, so the page will show us information about the user, provided we give the Name and Password. Enter all the credentials, such as username and password, and the page will show us all the username ...