Add manual SQL Injection steps into A1 app #81

@rafaveira3

Motivation

Copy-and-Paste's attack narrative makes use only of SQLMap to show how an automated SQL injection could be performed.

It would be great if

We could also have the queries needed to perform an exploration of the intentionally vulnerable app manually. This would be interesting due to the fact that SQLMap can be very intrusive and dangerous to the application functionality.

What we expect

We expect to have the manual steps written down in the README.md with an explanation of how and why these commands work.

curl -s -H "Content-Type: application/json" -d '{"user":"-1'\'' <sqli payload here> ", "pass":"password"}' http://127.0.0.1:10001/login

Tips
