Welcome to Cybrary. I'm Raymond Evans, and I will be your subject matter expert for Cybrary's web application penetration testing course.
In this video we will be discussing exploiting SQL injection. So what will be covered? We're gonna talk about exploiting SQL injection manually, and then we're gonna talk about exploiting with tools. The two tools we're gonna use are sqlmap and sqlsus. So how do we exploit it manually? Well, one
way we can do it is by using the SELECT FROM statement,
which can be used in sqlmap to refine our searches in our attacks even more.
Or we can use the classic one equals one statement, which we had used to detect it. Well, we can also use that in certain areas to dump a database, and then we can use the UNION SELECT
statement to try to figure out how many columns and try to figure out some table information. So let's go check them out.
All right, here we are in our SQL injection lab.
We see this web page here that provides some user information. So,
assuming that we're looking at the username root
and we want to figure out some more user information.
Well, what you can do here,
Let's go into the name section.
single quote, or, single quote, one, single quote, equals, single quote, one
that goes to the database.
And it tells the database it is a true statement, and the database says the statement is true.
Here's all the information and gives us this lovely
table of information back here.
Say we're on a page, and we want to try to figure out how the database is set up a little bit.
Well, we can do a negative one
UNION SELECT statement.
If we type negative one, UNION SELECT one,
we get an error message back here telling us that the used SELECT statements have a different number of columns. So, let's
specify two columns in here, huh? Still nothing.
the page throws us some results back
so we could see that that database has four columns. Now you can
do further identification of information on the column.
You can attempt to try to get information that's in that column
displayed to the page.
So this column accepts
fields that you may suspect
this field this may have
so you can keep going through there and typing in
fields. To try to get further information back
time intensive technique of hand jamming everything.
But you're not gonna get
detected as easily with this type of technique. So if you want to do something like that rather than throwing a tool at it,
it's gonna be slower. But
it's not gonna be seen as easily as the tools. Well,
speaking of tools, let's go move on to them.