SQLi attack

  

Total views

2,595,131

Posted by: Tuyen Pham Thanh 1 week, 3 days ago

A type of attack where an attacker interferes with database queries.

Manual on SQLi attack are available at https://portswigger.net/burp/documentation/desktop/testing-workflow/input-validation/sql-injection/testing
Here I just add another approach, using Repeater as usual instead of using Intruder as in the tutorial.

Send the item to be injected to the Repeater

In Repeater, modify the query as below then click Send to attack

The results are the same as in the Burp Suit's documentation. What I want to say here is that you are not overwhelmed by the functions. Intruder is similar in nature to Repeater, except that it is a more convenient way to deliver payload.

Comments

There are currently no comments

Posted by: Tuyen Pham Thanh 1 week, 3 days ago

Comments

New Comment

Top Posts & Pages

An unsuccessful small file transfer experience! (113,330 hits)

SELinux with omarine policy: An in-depth look at the security policy – secure program with its own domain: Part 8 (45,385 hits)

Documentation (38,083 hits)

Preparing to install GRUB on the GPT drive (15,974 hits)

SELinux: kernel: The steps for security checking a program before it runs and the corresponding security rules (12,628 hits)

Recent Posts

Does OpenVAS work on SELinux?

SQLi attack

Reflected XSS attack

PFS

TLS