SQL injection attack, listing the database contents on Oracle
https://portswigger.net/web-security/sql-injection/examining-the-database/lab-listing-database-contents-oracle
Last updated
Let's filter for Accessories.
Since we are proxying the traffic through Burp Suite, we can go to the Proxy > HTTP History tab to view this request.
Let's forward this request to the Repeater for further modification.
Once in the Repeater, let's set the category parameter to the following:
Since the application returns an error, we know that the number of columns in the current query is more than 1.
Let's set the category parameter to the following:
Now that we know the current query has two columns, we can start enumerating the tables.
Next, we need to find the columns present in the USERS_EABGJF table. We can do that by setting the category parameter to the following:
We can now retrieve the username and password from the USERNAME_LIVOZB and PASSWORD_XJPXQQ columns respectively.
For that we have to set the category parameter to the following:
We can now log in as the administrator using the following credentials:
| Username | Password |
|---|---|
| administrator | ayzzulz0enewtllx1szu |

We have solved the lab.
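The root cause the lab exploits is that the category value is spliced into the SQL text, which is also why a malformed input produces the error used above to infer the column count. The following is an added example (not PortSwigger's code) of that concatenation beside its parameterized fix; sqlite3 stands in for the lab's Oracle backend, and the product table is constructed.

```python
import sqlite3

# Constructed in-memory product table; sqlite3 stands in for the lab's Oracle
# backend (an assumption) because the concatenation bug is database-independent.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (name TEXT, category TEXT)")
    conn.executemany(
        "INSERT INTO products VALUES (?, ?)",
        [("Laptop bag", "Accessories"), ("Keyring", "Accessories"), ("Mug", "Gifts")],
    )
    return conn

def filter_vulnerable(conn: sqlite3.Connection, category: str) -> list:
    # The lab's bug: the category value is spliced into the SQL text, so a quote
    # in the input terminates the string literal and the rest is parsed as SQL.
    sql = f"SELECT name FROM products WHERE category = '{category}'"
    return [row[0] for row in conn.execute(sql)]

def filter_safe(conn: sqlite3.Connection, category: str) -> list:
    # Hardened form: the value is bound as a parameter and never parsed as SQL.
    sql = "SELECT name FROM products WHERE category = ?"
    return [row[0] for row in conn.execute(sql, (category,))]

def structure_leaks(conn: sqlite3.Connection, category: str) -> bool:
    # True when the input makes the query text itself malformed; this database
    # error is the signal the walkthrough relies on to infer the column count.
    try:
        filter_vulnerable(conn, category)
    except sqlite3.OperationalError:
        return True
    return False

if __name__ == "__main__":
    db = make_db()
    print(filter_vulnerable(db, "Accessories"))  # ['Laptop bag', 'Keyring']
    print(structure_leaks(db, "Accessories'"))   # True: a stray quote breaks the SQL
    print(filter_safe(db, "Accessories'"))       # []: bound as a literal, no error
```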