Part 16 - SQLI Lab

Video Activity

This brief lesson introduces the SQLI Lab, which focuses on two things:
• Lab discovery
• Lab exploitation

Time: 4 hours 20 minutes
Difficulty: Intermediate
CEU/CPE: 5

Video Transcription
00:03
>> Welcome to Cybrary. I'm Raymond Evans, and I will be your subject matter expert for Cybrary's web app penetration testing course. In this video, we will be discussing SQL injection lab. This lab should take about 30 minutes to complete.

What will be covered? We're going to be discussing the discovery portion of the SQL injection lab. Then we're also going to be talking about the exploitation portion of the SQL injection lab.

For the discovery portion, using either VEGA or ZAP, I would recommend ZAP. Zed Attack Proxy is an awesome web scanner, scan the SQLI to shell web page for a SQLI vulnerability. Once that vulnerability is discovered, we're going to move on to exploitation.

Using SQLmap, exploit the web page which was identified in your scan. After you exploited the web page, dump the database and discover the username and password for the web page. Remember the options and SQLmap that we covered to do this?

So it was covered, talked about the discovery portion of the SQL injection lab, and we also talked about exploitation. Have fun and happy hacking.