A Five Minute SQL-I

Hello, I am Ashish Jha, a security researcher from India. I have pentested many sites, and now it’s time for one of India’s biggest travel companies. Yes, I started pentesting it a year ago, and within 5 minutes of pentesting I was able to find a “Blind SQL-Injection”, and that too manually :). It was a really good experience pentesting it, as I’ve previously found SQL-I in many websites (50+).

Now let me narrate how I did that:

Step1:

Just a normal surf to the website, then go to book a flight.

Book a flight

Step2:

Next, I found the add coupon option :). That was very attractive to me, and the lord of bug hunting was sending me signals from somewhere to test it.

Add coupon point where I tested

Step3:

I added a test coupon, as you can see in the above screenshot, then intercepted the request using Burp proxy; the request was a JSON one.

The Code parameter

Step4:

I just added a single quote, as you can see in the above picture. That responded with a MySQL error, and that was really awesome for me as I love SQL-I vulnerabilities.

Step5:

I pentested more, but as they were using Angular.js I was not able to get the coupons and stuff, but I got up to a good level!

Finally, after two days, they replied that it was a valid report and asked me for my credentials to reward a bounty!
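For developers on the receiving end of a report like this, here is an added example (not code from the original post or from the affected site) of why a single quote in the JSON `code` field produces a database error, next to the hardened lookup. It assumes an in-memory SQLite database standing in for MySQL, and the table, column and function names are hypothetical.

```python
import json
import sqlite3

def make_db():
    # Constructed sample data; table and column names are hypothetical.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE coupons (code TEXT PRIMARY KEY, discount INTEGER)")
    db.executemany("INSERT INTO coupons VALUES (?, ?)",
                   [("FLY10", 10), ("SUMMER25", 25)])
    return db

def lookup_vulnerable(db, body):
    """Before: the JSON value is concatenated into the SQL text."""
    code = json.loads(body)["code"]
    sql = "SELECT discount FROM coupons WHERE code = '" + code + "'"
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # Echoing the driver error to the client is what exposes the flaw.
        return {"status": 500, "error": str(exc)}
    return {"status": 200, "discount": row[0] if row else None}

def lookup_hardened(db, body):
    """After: validate the type, bind the value, return a generic error."""
    try:
        code = json.loads(body).get("code")
    except (ValueError, AttributeError):
        return {"status": 400, "error": "invalid request"}
    if not isinstance(code, str) or not 1 <= len(code) <= 32:
        return {"status": 400, "error": "invalid request"}
    try:
        row = db.execute("SELECT discount FROM coupons WHERE code = ?",
                         (code,)).fetchone()
    except sqlite3.Error:
        # Keep the driver message in server-side logs only.
        return {"status": 500, "error": "internal error"}
    return {"status": 200, "discount": row[0] if row else None}

if __name__ == "__main__":
    db = make_db()
    for body in ('{"code": "FLY10"}', '{"code": "test\'"}'):
        print(body, lookup_vulnerable(db, body), lookup_hardened(db, body))
```

With the bound parameter, the quoted coupon is treated as an unknown code rather than as SQL, and the client never sees a database error string.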

This was my five minute SQL-I journey.

I will share more of my findings. Until next time!

And as I always say: Hack Like A Pro and never think you can’t!