1.5 Lab: SQL injection UNION attack, retrieving data from other tables | 2023
This lab contains a SQL injection vulnerability in the product category filter. so you can use a UNION attack to retrieve data from other tables. To construct such an attack, you need to combine some of the techniques you learned in previous labs. The database contains a different table called users, with columns called username and password | Karthikeyan Nagaraj
Description
This lab contains a SQL injection vulnerability in the product category filter. The results from the query are returned in the application’s response, so you can use a UNION attack to retrieve data from other tables. To construct such an attack, you need to combine some of the techniques you learned in previous labs.
The database contains a different table called users
, with columns called username
and password
.
To solve the lab, perform a SQL injection UNION attack that retrieves all usernames and passwords, and use the information to log in as the administrator
user.
Solution
- As we know the database contains 2 tables called username and password, so the query will be like
'+UNION+SELECT+username,+password+FROM+users--
- Use the above query in any category parameter to display the data from the username and password column
- Use the credentials and log in to the admin Account to solve the lab
If you would like to support me so that I can create more free content — https://www.buymeacoffee.com/cyberw1ng
Thank you for Reading!
Happy Hacking ~
Author: Karthikeyan Nagaraj ~ Cyberw1ng
Telegram Channel for Ethical Hacking Dumps — https://t.me/ethicalhackingessentials