A type of attack where an attacker interferes with database queries.
Manual on SQLi attack are available at https://portswigger.net/burp/documentation/desktop/testing-workflow/input-validation/sql-injection/testing
Here I just add another approach, using Repeater as usual instead of using Intruder as in the tutorial.
Send the item to be injected to the Repeater
In Repeater, modify the query as below then click Send to attack
The results are the same as in the Burp Suit's documentation. What I want to say here is that you are not overwhelmed by the functions. Intruder is similar in nature to Repeater, except that it is a more convenient way to deliver payload.
There are currently no comments