Lab: Bypassing Login authentication with SQL Injection

-

Login authentication is often plagued with SQL Injection vulnerabilities and thus sanitisation of input from a webpage is all the more important. Such attacks can often lead to compromise of privileged accounts.

I load the lab website and navigate to the login page and input the username 'administrator' with a random password:

And as you can see I had intercepted the request and modified the value for username to be `'administrator'--` so it ignores the password check condition and directs me to the account of the site admin.

 

And just like that I have now access to the admin account.

Comments

Post a Comment

Popular posts from this blog

Malware Analysis Report: Sample SmokeScreen

-
Image
Basic Facts Components -         PASTA_MENTOR_PROMO_DEAL_agreement.docx.scr       (Initial Stage) [Program1.exe]      sha256 8d204db953fd7d637f8718f56fbecfbf93ebcc8e7402ce71d5c52b01689777a2       Program1.main.exe        (Second Stage) [Runs under InstallUtil.exe]      sha256 c7ce154d0ab5aec517829623f7b3b30a4e0ea6dc981fdf13134a8f263a062a9a   Malware Type: Injector/Info-Stealer  Windows PE | C# (stage 1) | Nim (stage 2)   --*--*--
Read more

[TryHackMe] BrainPan 1

-
Image
So I was selected in one of the teams Sheridan is sending for cybersci and that meant I gotta prepare myself for the challenge, and what better way to do it than try a hard lab (I should have started with something easier, but atleast the pain was a learning experience). This is my writeup for BrainPan 1, or as I like to call it Brain Pain.
Read more