“Defend the Web” write-up (SQLi2 SQLi — Hacking admin username & password using SQL Injection Attack)

SQL Injection is a code injection method that can be used to manipulate or retrieve information from SQL databases. An intruder can execute commands that enable the extraction of data from the database, the deletion of sensitive information, or other malicious activities by putting customized SQL queries into an input field.

The cybercriminal can impersonate the identity of a more privileged user, create themselves or other database administrators, interfere…