1
00:00:00,800 --> 00:00:03,470
Hello, everyone, and welcome to this video.

2
00:00:04,070 --> 00:00:10,970
So in this video, we are going to solve one of the ESKIL injection lab that is provided by the Port

3
00:00:10,970 --> 00:00:11,730
Swigart team.

4
00:00:12,290 --> 00:00:17,620
So we have already seen how to sign up under the security academy, guys.

5
00:00:17,770 --> 00:00:24,980
This is one of the very good resource that you can utilize to brush up your skills for bug bounty hunting

6
00:00:24,980 --> 00:00:26,540
and penetration testing.

7
00:00:27,200 --> 00:00:27,680
All right.

8
00:00:27,740 --> 00:00:29,750
So here is the first lab.

9
00:00:29,750 --> 00:00:31,610
And let's quickly solve this.

10
00:00:32,810 --> 00:00:40,070
So the lab sees a school indication of liability in their class, allowing a retrieval of hidden data.

11
00:00:40,790 --> 00:00:45,760
Now, this lab is based on the previous videos that we have seen.

12
00:00:47,270 --> 00:00:53,090
So we are going to utilize our that knowledge in solving this lab.

13
00:00:54,030 --> 00:01:00,540
All right, so you can see or hear this loud contains a ESKIL indication, one liablity into the product

14
00:01:00,540 --> 00:01:01,640
category filter.

15
00:01:02,040 --> 00:01:04,890
So the one level parameter is category.

16
00:01:06,150 --> 00:01:12,410
When the user selects a category, the application carries out an actual query which is given below.

17
00:01:12,960 --> 00:01:19,980
So you can see the actual query is also given now to all the lab performance scrolling action attack

18
00:01:20,130 --> 00:01:27,060
that causes the application to display the details of all products in any category, both released and

19
00:01:27,060 --> 00:01:27,760
unreleased.

20
00:01:28,530 --> 00:01:28,980
All right.

21
00:01:28,980 --> 00:01:37,560
So the motive of solving this lab is to see all the products which lies into the categories, which

22
00:01:37,560 --> 00:01:39,330
is even unreleased.

23
00:01:40,020 --> 00:01:40,610
Perfect.

24
00:01:40,650 --> 00:01:42,970
So now we know what is our aim.

25
00:01:42,990 --> 00:01:46,230
So let's jump into the lab and quickly solve it.

26
00:01:47,580 --> 00:01:53,490
For that, you need to click on Access the Lamberton and it will just take a few seconds to bring up

27
00:01:53,490 --> 00:01:54,390
the lab for you.

28
00:01:55,110 --> 00:02:01,500
As you can see, we have successfully started the lab and it looks something like this on which there

29
00:02:01,500 --> 00:02:04,160
is a shop we like to shop.

30
00:02:04,170 --> 00:02:06,060
So perfect.

31
00:02:06,690 --> 00:02:14,640
Now, if you remember in the question, it was said that the product category is the one rebel point

32
00:02:14,640 --> 00:02:15,780
or the injection point.

33
00:02:16,200 --> 00:02:19,110
So let's choose something from here.

34
00:02:19,650 --> 00:02:21,750
I think this is the product category.

35
00:02:22,290 --> 00:02:29,760
So let's say we click on Clothing's Choose and ethnicity or let's say we go on food and drink.

36
00:02:30,960 --> 00:02:37,380
As you can see, we here we have three products right now onto our home screen.

37
00:02:37,920 --> 00:02:44,260
And these three products are the first one, the second one and the third one.

38
00:02:45,270 --> 00:02:51,210
Now, let's identify if we are able to see all the products here or not.

39
00:02:51,510 --> 00:02:55,730
But now we want to see those products which are not released yet.

40
00:02:56,040 --> 00:02:56,690
So what to do?

41
00:02:57,390 --> 00:03:00,230
So we are going to use one query that I have written.

42
00:03:00,630 --> 00:03:07,320
So let's just copy paste this query and paste it, and then we will do the breakdown of the query and

43
00:03:07,320 --> 00:03:07,920
hit enter.

44
00:03:08,340 --> 00:03:10,140
And you can see congratulations.

45
00:03:10,140 --> 00:03:17,760
You have solved the lab and you are able to see all the products that were hidden or were not released

46
00:03:17,760 --> 00:03:20,460
but have been successfully released now.

47
00:03:20,490 --> 00:03:26,340
Or you are able to retrieve the data from the database of those products, which was not released.

48
00:03:27,010 --> 00:03:29,620
So let's do a quick breakdown of the query.

49
00:03:30,780 --> 00:03:38,570
So what is the query that has been fired in the backend when you try to go onto any category, reselect

50
00:03:38,580 --> 00:03:42,900
start from products table where category equals two.

51
00:03:42,900 --> 00:03:51,150
So category column equals to gifts and released column equals to what this basically means to show only

52
00:03:51,150 --> 00:03:54,660
the products in a specific category which are released.

53
00:03:55,110 --> 00:04:03,870
But we have used this query which makes the condition as true, and we are able to retrieve the sensitive

54
00:04:03,870 --> 00:04:09,900
data from the database in which we are able to see those products which are also not released.

55
00:04:10,410 --> 00:04:16,530
We have already seen a couple of videos in the previous elections in which we have the deep breakdown

56
00:04:16,800 --> 00:04:20,520
even using the table to understand this query.

57
00:04:20,970 --> 00:04:27,600
Similarly, you can use this query as well if you do not want to comment the ending part of the query.

58
00:04:27,870 --> 00:04:30,770
And this would do the job for you as well.

59
00:04:31,320 --> 00:04:35,830
So I hope you guys understood this and we have successfully solved our lab, number one.

60
00:04:36,240 --> 00:04:36,810
Thank you.