SQL Injection - Lab #1 SQL injection vulnerability in WHERE clause allowing retrieval of hidden data

In this video, we cover Lab #1 in the SQL injection track of the Web Security Academy. This lab contains an SQL injection vulnerability in the product category filter. To solve the lab, we perform a SQL injection attack that causes the application to display details of all products in any category, both released and unreleased.

▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬
Buy my course: https://academy.ranakhalil.com/p/web-security-academy-video-series

▬ Contents of this video ▬▬▬▬▬▬▬▬▬▬
00:00 - Introduction
01:22 - Lab #1 SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
02:10 - Understand the exercise and make notes about what is required to solve it
03:32 - Exploit the lab manually
11:57 - Script the exploit
28:47 - Summary
29:07 - Thank You

▬ Links ▬▬▬▬▬▬▬▬▬▬
SQL injection Theory video (previous video): https://www.youtube.com/watch?v=1nJgupaUPEQ
Python script: https://github.com/rkhal101/Web-Security-Academy/blob/main/sql-injection/lab-01/sqli-lab-01.py
Notes.txt document: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/sql-injection/lab-01/notes.txt
Web Security Academy Youtube Video Series Release Schedule: https://docs.google.com/spreadsheets/d/16ypyLuDq2DZ1JAz_WvL1ZV-WiDWhvomgrK_1Hux4MFY/
Web Security Academy: https://portswigger.net/web-security
Rana's Twitter account: https://twitter.com/rana__khalil

Видео SQL Injection - Lab #1 SQL injection vulnerability in WHERE clause allowing retrieval of hidden data канала Rana Khalil