- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
SQL injection Lab 9 Blind Injection with conditional errors
We will be covering the 9th lab for SQL Injection for Portswigger Web Security Academy.
This lab contains a blind SQL injection vulnerability. The application uses a tracking cookie for analytics, and performs a SQL query containing the value of the submitted cookie.
The results of the SQL query are not returned, and the application does not respond any differently based on whether the query returns any rows. If the SQL query causes an error, then the application returns a custom error message.
The database contains a different table called users, with columns called username and password. You need to exploit the blind SQL injection vulnerability to find out the password of the administrator user.
To solve the lab, log in as the administrator user.
--
Join along at Portswigger:
https://portswigger.net/web-security
SQL Injection Labs:
https://portswigger.net/web-security/learning-paths/sql-injection
More information on SQL Injection:
https://owasp.org/www-community/attacks/SQL_Injection
--
Feedback is welcome.
If you found value, please leave a sub and a like. Maybe share it?
Видео SQL injection Lab 9 Blind Injection with conditional errors канала Saga Learns
This lab contains a blind SQL injection vulnerability. The application uses a tracking cookie for analytics, and performs a SQL query containing the value of the submitted cookie.
The results of the SQL query are not returned, and the application does not respond any differently based on whether the query returns any rows. If the SQL query causes an error, then the application returns a custom error message.
The database contains a different table called users, with columns called username and password. You need to exploit the blind SQL injection vulnerability to find out the password of the administrator user.
To solve the lab, log in as the administrator user.
--
Join along at Portswigger:
https://portswigger.net/web-security
SQL Injection Labs:
https://portswigger.net/web-security/learning-paths/sql-injection
More information on SQL Injection:
https://owasp.org/www-community/attacks/SQL_Injection
--
Feedback is welcome.
If you found value, please leave a sub and a like. Maybe share it?
Видео SQL injection Lab 9 Blind Injection with conditional errors канала Saga Learns
Cyber security cyber saga IT education saga learns tricks hacks hack hints tips infosec tech security zerotrust shell helpful hacking Linux CLI Command line interface Shell sudo su netcat nc ftp tcp nmap Cross-Site Scripting red team burp suite portsigger path traversal directory lab lab 2 absolute path bypass bypass file path traversal block URL decode validation of start of path null byte OS Command Injection SQL Login tables table union column query database blind
Комментарии отсутствуют
Информация о видео
4 марта 2026 г. 4:38:15
00:16:54
Другие видео канала
TryHackMe Advent of Cyber 2025 Day 1 Linux CLI - Shells Bells
SQL injection Lab 8 Blind Attack with conditional responses
SQL injection Lab 5 UNION attack, retrieving multiple values in a single column
TryHackMe Advent of Cyber 2025 Day 13 YARA Rules YARA mean one!
Cyber Awareness
Directory Traversal Lab 4 Path Traversal Superfluous URL decode
OS Command Injection Lab 1 Simple Case
TryHackMe Advent of Cyber 2025 Day 2 Phishing - Merry Clickmas
Directory Traversal Lab 3 traversal sequences stripped non recursively
TryHackMe Advent of Cyber Day 6 Malware Analysis Egg Xecutable
Directory Traversal Lab 1 File path traversal simple
SQL injection LAB 7 UNION attack, listing the database contents on non-Oracle databases
TryHackMe Advent of Cyber 2025 Day 4 AI in Security old sAInt nick
TryHackMe Advent of Cyber 2025 Day 5 IDOR Santa's Little IDOR
SQL Injection Lab 11 Blind SQL injection with time delays and information retrieval
Directory Traversal Lab 6 Validation of file extension with null byte bypass
You think you suck at your job? #cyber #password #heist #lourvehesit
Training AI with Poop End-to-End Encryption
SQL injection Lab 6 UNION attack, querying the database type and version
TryHackMe Advent of Cyber 2025 Day 8 Prompt Injection Sched-yule conflict
