Joel O. (joelodey.hashnode.dev) · Apr 29, 2024
Lab: Exploiting XXE using external entities to retrieve files
Lab Scenario: Our mission is to exploit XXE through a web application's "Check stock" feature, specifically using external entities to retrieve files. By intercepting and manipulating a POST request, we intend to use XXE to trigger the retrieval of s...
PortSwigger XML external entity (XXE) injection · xxe

Joel O. (joelodey.hashnode.dev) · Apr 16, 2024
Lab: Exploiting XInclude to retrieve files
Lab Scenario: Our mission is to exploit XInclude through a web application's "Check stock" feature. By intercepting and manipulating a POST request, we intend to use XInclude to retrieve files from the server. Let's proceed with the solution: Interc...
PortSwigger XML external entity (XXE) injection · xxe

Joel O. (joelodey.hashnode.dev) · Apr 8, 2024
Lab: SQL injection attack, listing the database contents on non-Oracle databases
In this educational guide, we will explore the practical application of Burp Suite to identify and exploit SQL injection vulnerabilities, highlighting the importance of robust security practices. Step 1: Intercepting and Modifying Requests with Burp ...
PortSwigger SQL injection (SQLi) Labs · #sqlinjection

Joel O. (joelodey.hashnode.dev) · Apr 1, 2024
Lab: SQL injection UNION attack, retrieving data from other tables
In this educational guide, we will walk through the process of using Burp Suite to intercept and modify requests, focusing on the product category filter. Our objective is to unveil potential SQL injection vulnerabilities, understand the database str...
PortSwigger SQL injection (SQLi) Labs · SQLi
Khoa Nguyen (khoafrancisco.hashnode.dev) · Mar 28, 2024
Solution lab: Source code disclosure via backup file
This lab leaks its source code through a backup file in a hidden directory. It is solved by submitting the leaked hard-coded password. Lab link: https://portswigger.net/web-security/information-disclosure/exploiting/lab-infoleak-via-backup-files Browse to /robots.txt and notice...
portswigger
Joel O. (joelodey.hashnode.dev) · Mar 25, 2024
Lab: SQL injection attack, querying the database type and version on Oracle
To exploit SQL injection, it's crucial to understand the structure of the database query. Use a payload to determine the number of columns returned by the query and identify columns containing text data. For instance, inject the following payload int...
PortSwigger SQL injection (SQLi) Labs · #sqlinjection

Joel O. (joelodey.hashnode.dev) · Mar 18, 2024
Lab: SQL injection UNION attack, determining the number of columns returned by the query
SQL injection is a serious security risk for web applications, and Burp Suite can be used to identify and address these vulnerabilities. This guide shows how to use Burp Suite to intercept and modify requests, specifically focusing on the product cat...
PortSwigger SQL injection (SQLi) Labs · portswigger

The Chief - Omar (chiefomar.hashnode.dev) · Mar 14, 2024
API Lab: Finding and exploiting an unused API endpoint
Bismillah API Lab: Finding and exploiting an unused API endpoint Lab Source: PortSwigger Web Security Academy API Endpoints can cause problems if they're not secured well. In this lab, I exploited a get price API call: While adding an item to the cart...
APIs

Joel O. (joelodey.hashnode.dev) · Mar 5, 2024
Lab: SQL injection UNION attack, finding a column containing text
In this lab, our goal is to determine the number of columns returned by the query, offering a valuable insight into potential SQL injection vulnerabilities. Step 1: Intercepting and Modifying Requests with Burp Suite Burp Suite, a versatile web appli...
PortSwigger SQL injection (SQLi) Labs · Burpsuite

Joel O. (joelodey.hashnode.dev) · Feb 26, 2024
Lab: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
Lab Scenario: Our objective is to understand and exploit a SQL injection vulnerability in the WHERE clause of a web application's stock check feature. By carefully probing and bypassing security measures, we aim to retrieve hidden data and ultimately...
PortSwigger SQL injection (SQLi) Labs · #sqlinjection