• Post category:StudyBullet-3
  • Reading time:4 mins read


Learn how to do SQL injection

What you will learn

Find out if web app is vulnerable

Learn about the SQL language

Learn SQL injection

Grab data from web apps

Description

What is sql injection?

A SQL injection is an attack in which the attacker sends a specially crafted SQL query (statement), to a database server and modifies the database as desired. An SQL injection occurs when user input is improperly sanitized before being used in an SQL query.

The vulnerability can be exploited by providing input via the user interface, or through hidden fields; however, if user input is used for parameters such as a name or an id, those parameters should be validated as well to make sure that no invalid input is used.

SQL Injection: How does it work?


Get Instant Notification of New Courses on our Telegram channel.


In a vulnerable server, a parameter that is supplied by the user can be modified by the attacker in order to run arbitrary SQL code or commands on the back-end database. There are multiple ways of performing this kind of attack.

What’s in this course

In this course you will learn how to do SQL injection using a real world example. It’s a course for beginners who never did SQL injection before. After completing this course you will be able to detect if a website is vulnerable to SQL injection, be able to get data from the web apps database and compromise a database.

English
language

Content

Introduction
What is Ethical Hacking?
Types of attacks
Introduction
What is Client, Server and SQL?
SQLMap
What is SQL?
Is web app vulnerable?
Commands
SQLMap
Get Tables using SQLMap
Commands
Get Data from Database
Commands
SQL in URL
Log file
More on SQL
Parameters