Welcome to Cybrary. I'm Raymond Evans, and I will be your subject matter expert for Cybrary's Web App Penetration Testing course.
In this video, we will be discussing discovering SQL injections. What will be covered? We're gonna talk about why it's important, the different types of discovery methods, and some discovery tools such as Vega, sqlmap, Nmap and ZAP
and ah recognize. Why is this important? Well, if left untested, a website could have vulnerabilities that are ticking time bombs. As I said before in my previous SQL injection video, if it's left undetected, an attacker can harvest information for years and years and years. A SQL attack could allow an attacker to gain usernames, passwords and other sensitive details about users. With these details, an attacker could elevate their privileges and set themselves up to do further harm. And if left undetected, an attacker could pilfer data for extended periods of time.
What are the different types of discovery? Well, we can use manual discovery.
So if a website contains a page with a URL that looks like this, example.com/page.php?id=1, the easiest way to test for SQL injection is by doing the following. So you put a single quote: you do a 1 with a single quote. If you get an error such as the one below, it verifies that there's a vulnerability. So the error of, ah, mysql_fetch_array supplied argument is not valid lets you know that there is some sort of vulnerability there. You can also test the form fields with one of the statements below, or you can actually use one of these statements in the URL above as well.
And if you get your entire database dumped back, you know that there's a major vulnerability right there. These are examples down below of different forms of SQL injections, because not all of the SQL databases take information the same exact way or handle the information and the commands the same way.
So some of these require some additional characters at the end in order for the database to recognize them correctly, because of the way that the database actually takes the normal SQL commands that are properly