HUNT for SQL Injection - The Smart Way!

Hello readers, welcome to my first post. In this post I will show how to hunt for the classic SQL injection. Yes, the classic SQL injection vulnerability still exists, and I dumped the whole DB. Let's get started…

Many people have the misconception that, in this advanced era, no application would be vulnerable to the classic SQL injection, so they don't give it a try. I always used to ignore SQL. One fine day I was browsing through the programs on Bugcrowd and selected a wide-range target; let's call it redacted.com.

Now, how do you hunt for SQL injection in a smart way?

Let's break it into steps:

Step 2: Make a list of SQL payloads and hit all the login pages with Intruder.

Step 3: Check for an SQL query in the error/response.

Step 4: If you successfully get an SQL error → run sqlmap

Step 5: Get the big FAT Bounty !!!!

I followed the same steps and executed Blind SQL successfully.

SQL Detection

Payload used above → admin' or 1'='1--
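Why a payload like the one above produces an SQL error on a login form, and what removes that signal, as an added example that is not part of the original post. It assumes a hypothetical login handler backed by an in-memory SQLite `users` table (constructed sample data), once with input concatenated into the query and once with bound parameters.

```python
import sqlite3

# Payload quoted in the post; everything else here is a constructed example.
PAYLOAD = "admin' or 1'='1--"

def make_db():
    """Build a hypothetical users table in memory (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 's3cret')")
    return db

def login_concatenated(db, username, password):
    """Vulnerable pattern: user input becomes part of the SQL text."""
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND password = '" + password + "'")
    try:
        row = db.execute(query).fetchone()
    except sqlite3.Error as exc:
        # Returning the database error to the client is the signal from Step 3.
        return "error: " + str(exc)
    return "ok" if row else "denied"

def login_parameterized(db, username, password):
    """Hardened pattern: input is bound as data and never parsed as SQL."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    try:
        row = db.execute(query, (username, password)).fetchone()
    except sqlite3.Error:
        # Log the detail server-side; the client only sees a generic failure.
        return "denied"
    return "ok" if row else "denied"

if __name__ == "__main__":
    db = make_db()
    # A legitimate name containing a quote breaks the concatenated query too,
    # so quote-triggered errors in logs point at the same root cause.
    for user in ("admin", PAYLOAD, "O'Brien"):
        pw = "s3cret" if user == "admin" else "x"
        print(repr(user))
        print("  concatenated :", login_concatenated(db, user, pw))
        print("  parameterized:", login_parameterized(db, user, pw))
```

With bound parameters the quote characters are compared as literal text, so the response is the same generic failure for any input and there is no SQL error to observe.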

I used sqlmap: I captured the request in Burp, made the POST.txt file, and ran sqlmap.

For your reference on how to use sqlmap for a POST request → https://hackertarget.com/sqlmap-post-request-injection/

The DB

And… finally, get the reward :)

Final Tip: The Bugs are out there, Find THEM !!!

Learner :)
