Skip to content

Commit 524c9a9

Browse files
twseptiantwseptian
committed
change sqli lab 09 description
1 parent 859ea23 commit 524c9a9

File tree

1 file changed

+4
-4
lines changed
  • port_swigger_academy/sqli/sqli_lab_09

1 file changed

+4
-4
lines changed

port_swigger_academy/sqli/sqli_lab_09/README.md

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -47,10 +47,10 @@ To solve the lab, log in as the `administrator` user.
4747
1. Use Burp Suite to intercept and modify the request that sets the product category filter.
4848
2. Determine the [number of columns that are being returned by the query](https://portswigger.net/web-security/sql-injection/union-attacks/lab-determine-number-of-columns) and [which columns contain text data](https://portswigger.net/web-security/sql-injection/union-attacks/lab-find-column-containing-text). Verify that the query is returning two columns, both of which contain text, using a payload like the following in the `category` parameter:
4949

50-
`' ORDER BY 2--`
51-
`' ORDER BY 2--`
52-
`' UNION SELECT 'test', 'test'--`
53-
`' UNION SELECT version(), NULL--`
50+
- `' ORDER BY 2--`
51+
- `' ORDER BY 2--`
52+
- `' UNION SELECT 'test', 'test'--`
53+
- `' UNION SELECT version(), NULL--`
5454

5555
from the version, we know the database version is using PostgreSQL
5656
3. Use the following payload to retrieve the list of tables in the database:

0 commit comments

Comments
 (0)