#Cybersecurity #sqlinjection
<h3 id="heading-what-is-sql-injection">What is SQL Injection?</h3>
SQL injection usually occurs when you ask a user for input, like their username/userid, and instead of a name/id, the user gives you an SQL statement that you will unknowingly run on your database.
<h3 id="heading-sql-injection-lab">SQL injection lab</h3>
Step 1: Install Burpsuite and set up a proxy with the browser [<a target="_blank" href="https://youtu.be/cs09SByx9sw"><code>Link</code></a>]
Step 2: Create an account in portswigger academy [<a target="_blank" href="https://portswigger.net/"><code>Link</code></a>]
Step 3: Locate <a target="_blank" href="https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data">https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data</a> and click access the lab.
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1679122484162/869e16ae-5416-4ac2-937e-28668690e84d.png" alt class="image--center mx-auto" />
Step 4: Open Burpsuite and turn the intercept on
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1679122500263/618d2374-9c2e-4e0d-ac76-52f00306899e.png" alt class="image--center mx-auto" />
Step 5: Click Any Category and analyze the no. of items listed
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1679122508639/ba1437ee-f450-48a0-9d2b-f3be412dee87.png" alt class="image--center mx-auto" />
Step 6: Analyze the intercepted request in the burp suite
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1679122520063/27e453d8-77f3-4115-8847-e0486f702892.png" alt class="image--center mx-auto" />
Step 7: Tamper the category parameter with this payload [ '+OR+1=1-- ]and analyze the no. of items listed after tampering.
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1679122621237/102b218b-4e97-425d-994b-a25287c03bc2.png" alt class="image--center mx-auto" />
Explanation:
<pre><code class="lang-sql">SELECT * FROM products WHERE category = 'Gifts' AND released = 1
</code></pre>
The above code in database will be modified as
<pre><code class="lang-sql">SELECT * FROM products WHERE category = '' OR 1=1 --' AND released = 1
</code></pre>
OR operator is true if any one of the conditions is true, so 1=1 is always true which in turn displays all the products.
The message will be displayed upon successful SQL injection exploitation.
<img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1679122650521/dfa608d6-72bb-43bf-9a3f-8b88b1439036.png" alt class="image--center mx-auto" />
Happy Learning. Cheers🙌❤️

#Cybersecurity #sqlinjection

### What is SQL Injection?

SQL injection **usually occurs when you ask a user for input, like their username/userid, and instead of a name/id, the user gives you an SQL statement that you will unknowingly run on your database**.

### SQL injection lab

Step 1: Install Burpsuite and set up a proxy with the browser \[[`Link`](https://youtu.be/cs09SByx9sw)\]

Step 2: Create an account in portswigger academy \[[`Link`](https://portswigger.net/)\]

Step 3: Locate [https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data](https://portswigger.net/web-security/sql-injection/lab-retrieve-hidden-data) and click access the lab.

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1679122484162/869e16ae-5416-4ac2-937e-28668690e84d.png align="center")

Step 4: Open Burpsuite and turn the intercept on

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1679122500263/618d2374-9c2e-4e0d-ac76-52f00306899e.png align="center")

Step 5:  Click Any Category and analyze the no. of items listed

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1679122508639/ba1437ee-f450-48a0-9d2b-f3be412dee87.png align="center")

Step 6: Analyze the intercepted request in the burp suite

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1679122520063/27e453d8-77f3-4115-8847-e0486f702892.png align="center")

Step 7: Tamper the category parameter with this payload \[ '+OR+1=1-- \]and analyze the no. of items listed after tampering.

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1679122621237/102b218b-4e97-425d-994b-a25287c03bc2.png align="center")

Explanation:

```sql
SELECT * FROM products WHERE category = 'Gifts' AND released = 1
```

The above code in database will be modified as

```sql
SELECT * FROM products WHERE category = '' OR 1=1 --' AND released = 1
```

OR operator is true if any one of the conditions is true, so 1=1 is always true which in turn displays all the products.

The message will be displayed upon successful SQL injection exploitation.

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1679122650521/dfa608d6-72bb-43bf-9a3f-8b88b1439036.png align="center")

Happy Learning. Cheers🙌❤️

Cyber Dug's Blog

Cyber Dug's Blog

SQL Injection Lab for beginners

Table of contents

What is SQL Injection?

SQL injection lab