port_swigger_academy/sqli/sqli_lab_01/README.md
10 additions & 3 deletions
@@ -36,12 +36,19 @@ This results in the SQL query:
36
36
37
37
The modified query will return all items where either the category is Gifts, or 1 is equal to 1. Since `1=1` is always true, the query will return all items.
38
38
39
+
## Lab: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
40
+
This lab contains an SQL injection vulnerability in the product category filter. When the user selects a category, the application carries out an SQL query like the following:
41
+
42
+
`SELECT * FROM products WHERE category = 'Gifts' AND released = 1`
43
+
44
+
To solve the lab, perform an SQL injection attack that causes the application to display details of all products in any category, both released and unreleased.
45
+
39
46
## PoC
40
47
```bash
41
-
$ python3 sqli_lab_01.py https://ac621f871fxxxxxxx.web-security-academy.net "' OR 1=1--"
48
+
$ python3 sqli_lab_01.py https://acb61f551f903c83c0e0809a0059009a.web-security-academy.net "' OR 1=1--"
42
49
43
-
>>Port Swigger - SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
44
-
>> by twseptian
50
+
>> SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
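Review bot: The PoC command at new line 48 replaces the masked hostname (`ac621f871fxxxxxxx`) with a full lab instance hostname, which belongs to one lab session and will not work for other readers running the script; a placeholder such as `https://<your-lab-id>.web-security-academy.net` keeps the README reproducible and avoids committing a session-specific URL. The added `## Lab:` section (new lines 39-44) also lands after the paragraph that already explains the result of the modified query, so the lab description reads out of order; moving it above that walkthrough would fix the flow. Since the description now shows `AND released = 1`, it would help to state next to the PoC that the trailing `--` in `' OR 1=1--` comments out that condition, which is why unreleased products are returned as well.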