Introduction

We covered the types of SQL injection vulnerability namely error based, time based, blined and boolean based SQL injection. We used TryHackMe Junior Penetration Tester pathway.

SQL (Structured Query Language) Injection, mostly referred to as SQLi, is an attack on a web application database server that causes malicious queries to be executed. When a web application communicates with a database using input from a user that hasn’t been properly validated, there runs the potential of an attacker being able to steal, delete or alter private and customer data and also attack the web applications authentication methods to private or customer areas. This is why as well as SQLi being one of the oldest web application vulnerabilities, it also can be the most damaging.

Get OSCP Certificate Notes

What is a database?

A database is a way of electronically storing collections of data in an organised manner. A database is controlled by a DBMS which is an acronym for  Database Management System, DBMS’s fall into two camps Relational or Non-Relational, the focus of this room will be on Relational databases,  some common one’s you’ll come across are MySQL, Microsoft SQL Server, Access, PostgreSQL and SQLite. We’ll explain the difference between Relational and Non-Relational databases at the end of this task but first, it’s important to learn a few terms.

 

Within a DBMS, you can have multiple databases, each containing its own set of related data. For example, you may have a database called “shop“. Within this database, you want to store information about products available to purchaseusers who have signed up to your online shop, and information about the orders you’ve received. You’d store this information separately in the database using something called tables, the tables are identified with a unique name for each one. You can see this structure in the diagram below, but you can also see how a business might have other separate databases to store staff information or the accounts team.

Challenge Questions and Answers

What is the acronym for the software that controls a database?

What is the name of the grid-like structure which holds the data?

What SQL statement is used to retrieve data?

What SQL clause can be used to retrieve data from multiple tables?

What SQL statement is used to add data?

What character signifies the end of an SQL query?
What is the flag after completing level 1?
What is the flag after completing level two? (and moving to level 3)
What is the flag after completing level three?
What is the final flag after completing level four?
Name a protocol beginning with D that can be used to exfiltrate data from a database.

Video Walk-through

 

, ,
Show Comments

Motasem

About the Author

Cybersecurity Trainer MS in Cybersecurity Expertise in Healthcare and Finance Industries Penetration tester and compliance auditor

View Articles