1 00:00:00,170 --> 00:00:03,440 In this video, we are going to see what an SQL injection attack is.
2 00:00:03,440 --> 00:00:09,020 And we are going to solve the low difficulty SQL injection challenge on Damn Vulnerable Web Application.
3 00:00:10,250 --> 00:00:15,560 SQL injection is a type of attack in which an attacker injects malicious code into a website's SQL
4 00:00:15,560 --> 00:00:21,170 statement and gains access to sensitive information or performs malicious actions on the database.
5 00:00:22,190 --> 00:00:27,770 This is typically done by manipulating input fields in a web application that is connected to a database,
6 00:00:27,770 --> 00:00:30,260 such as the login form or a search box,
7 00:00:30,350 --> 00:00:35,180 in such a way as to trick the application into executing unintended SQL commands.
8 00:00:38,630 --> 00:00:44,090 SQL injection attacks can allow attackers to bypass authentication, access, modify or delete sensitive
9 00:00:44,090 --> 00:00:47,270 data, or even execute commands on the operating system.
10 00:00:48,150 --> 00:00:53,190 They can also be used to create new user accounts with high privileges or to perform other malicious
11 00:00:53,190 --> 00:00:53,940 actions.
12 00:00:57,000 --> 00:01:02,640 So you should be on Kali Linux or Parrot OS in VMware, VirtualBox, or running natively on your PC.
13 00:01:04,349 --> 00:01:08,400 When step one go to settings and set the difficulty to low.
14 00:01:10,540 --> 00:01:15,400 If we put the following command in the box, it will list down all information in the specific category.
15 00:01:15,820 --> 00:01:19,690 We are using a single colon with or one is equal to one.
16 00:01:19,720 --> 00:01:21,430 That will be true always.
17 00:01:23,840 --> 00:01:29,420 We can manually use complex commands to list all the information, but we are going to use sqlmap to
18 00:01:29,420 --> 00:01:30,710 automate the process.
19 00:01:30,800 --> 00:01:35,390 First of all, intercept a normal request with Burp and save it in a text document.
20 00:01:36,480 --> 00:01:41,460 Now launch sqlmap with the following command, which will list down all databases.
21 00:01:44,760 --> 00:01:49,530 Now to get more information about the tables of a particular database, we can use the command with
22 00:01:49,530 --> 00:01:50,370 dash dash tables
23 00:01:50,370 --> 00:01:50,940 flag.
24 00:01:54,410 --> 00:01:58,580 Similarly, we can get column information of tables with the following command,
25 00:01:58,700 --> 00:01:59,180 dash dash
26 00:01:59,180 --> 00:02:03,230 column flag, and we can dump the data with dash
27 00:02:03,230 --> 00:02:04,490 dash dump all flag.
28 00:02:08,210 --> 00:02:10,130 Let's see the actual demonstration.
29 00:02:12,400 --> 00:02:17,140 So on your application, open the SQL injection tab.
30 00:02:21,110 --> 00:02:23,180 And type the command as shown on the screen.
31 00:02:25,100 --> 00:02:27,140 It will list down all the entries.
32 00:02:33,030 --> 00:02:33,530 Now fire
33 00:02:33,540 --> 00:02:34,050 up Burp.
34 00:02:35,930 --> 00:02:41,270 While Burp is starting up, we can see that if we put any ID in the user ID field,
35 00:02:42,750 --> 00:02:44,520 we get its information.
36 00:02:46,850 --> 00:02:51,770 And if you use the command as shown on the screen, we get the information of all the users.
37 00:02:54,550 --> 00:02:57,160 So in Burp, turn the intercept on.
38 00:03:00,180 --> 00:03:02,070 Capture the new request with Burp.
39 00:03:03,240 --> 00:03:06,930 Right click it and save it in a text document.
40 00:03:16,280 --> 00:03:20,780 Now on your terminal, you can check the help of sqlmap with dash H flag,
41 00:03:24,150 --> 00:03:28,200 which will list down all available options that you can use with sqlmap.
42 00:03:33,060 --> 00:03:36,750 We'll start sqlmap with the request document that you have saved.
43 00:03:45,010 --> 00:03:47,590 And it will list down all available databases.
44 00:03:49,190 --> 00:03:54,320 Now to get more information about a database, we can use the dash dash tables flag.
45 00:03:55,460 --> 00:03:57,860 And it will list down the two tables that are there.
46 00:03:59,690 --> 00:04:01,790 You can also check the columns of the table.
47 00:04:02,120 --> 00:04:02,550 Dash dash
48 00:04:02,570 --> 00:04:02,840 column
49 00:04:02,860 --> 00:04:03,440 flag.
50 00:04:07,880 --> 00:04:11,420 And we can get all the data with dash dash dump all flag.
51 00:04:14,970 --> 00:04:20,459 sqlmap will also prompt if you want to crack the hashes, and if you say yes, it will try to crack
52 00:04:20,459 --> 00:04:22,470 all the hashes with the default dictionary.
53 00:04:28,130 --> 00:04:30,860 After a few moments, all the data will be displayed.