SQL Injections: The Full Course

  • Published: 9 Jul 2024
  • Welcome to this course on SQL injection attacks! In this course, we explore one of the biggest risks facing web applications today.
    We start out by creating a safe and legal environment for us to perform attacks in. Then, we cover the core concepts of SQL and injections. After that, we learn SQL injection techniques with the help of cheat sheets and references. At that point, we start to gather information about our target in order to find weaknesses and potential vulnerabilities.
    Once we've gathered enough information, we go full-on offensive and perform SQL injections both by hand and with automated tools. These attacks will extract data such as tokens, emails, hidden products, and password hashes which we then proceed to crack.
    After successfully attacking and compromising our targets, we take a step back and discuss defensive controls at the network, application, and database layers. We also look at actual vulnerable code and show ways of fixing that vulnerable code to prevent injections.
    Please note: Performing these attacks on environments you do not have explicit permissions for is illegal and will get you in trouble. That is not the purpose of this course. The purpose is to teach you how to secure your own applications.
    Join Cybr's Discord: / discord
    Cybr Courses: cybr.com/courses/
    Prerequisites:
    To understand how SQL injections work and how to perform them as well as defend against them, you must have:
    - Experience working with web applications
    - Experience with SQL
    Suggestion: You may also wish to take our free Introduction to Application Security (AppSec) course (cybr.com/courses/introduction...) to familiarize yourself with the concepts of Application Security.
    Timestamps:
    About the course - 00:00 - 04:15
    Setting up a safe & legal environment - 4:16 - 14:20
    Getting started with OWASP ZAP - 14:21 - 18:41
    SQL Concepts - 18:42 - 25:16
    SQL Injections Explained - 25:17 - 35:27
    SQL Injections Cheatsheets - 35:28 - 45:08
    Information Gathering - 45:09 - 58:36
    SQL Injections Hands-On - 58:37 - 01:14:41
    SQL Injections with SQLMap - 01:14:42 - 01:23:29
    Defenses at the Network Layer - 01:23:30 - 01:25:58
    Defenses at the Application Layer - 01:25:59 - 01:37:49
    Defenses at the Database Layer - 01:37:50 - 01:41:40
    Ending Screen - 01:41:41 - 01:41:50

Comments • 147

  • @Cybrcom
    @Cybrcom  3 years ago +15

    Here's an update on how to install Docker on the new Kali version. It's actually much simpler now!
    cybr.com/app-data-security-archives/how-to-set-up-the-dvwa-on-kali-with-docker/
    TL;DR:
    sudo apt update
    sudo apt install -y docker.io
    sudo systemctl enable docker --now
    sudo usermod -aG docker $USER
    newgrp docker

  • @AbhishekkumarSir
    @AbhishekkumarSir 3 years ago +29

    I am really glad that there are people like you in this world. Thank you so much for your Video.

    • @Cybrcom
      @Cybrcom  3 years ago +2

      You are very welcome! Happy learning

  • @eyeinthesky1050
    @eyeinthesky1050 3 years ago +5

    Thanks dude, I learned a lot by watching your videos, it is still difficult with those codes and stuff but the way you explain makes it easier! Thanks again :)

    • @Cybrcom
      @Cybrcom  2 years ago +1

      How's your learning journey been so far?

    • @eyeinthesky1050
      @eyeinthesky1050 2 years ago +1

      @@Cybrcom hello sir!
      I have been working a lot lately and I have not been studying so much the past few weeks, but I gotta tell you I have learned so much in such a short time while I was watching/studying the SQL Injection on your website and I really appreciate it. I am almost done with that course, thanks for your concern Christoph

    • @Cybrcom
      @Cybrcom  2 years ago +1

      @@eyeinthesky1050 awesome! Keep it up and good luck!

  • @islamkaram463
    @islamkaram463 1 year ago +8

    The most powerful and professional course I've ever seen. Thanks a lot

    • @Cybrcom
      @Cybrcom  1 year ago

      That's really nice. Thanks so much!

  • @vandamieespadero6633
    @vandamieespadero6633 3 years ago +7

    Your channel arrived on my RUclips screen in time. I recommended this to my group so they can watch it too. Thank you very much. Wishing you all the best in life. Cheers!!!

    • @Cybrcom
      @Cybrcom  3 years ago +1

      Thank you for recommending! People like you are what helps us keep going!

  • @nagizah8
    @nagizah8 1 year ago +2

    Found your video while researching materials for my undergrad paper about SQL Injections. You are a better teacher than my college one xD

    • @Cybrcom
      @Cybrcom  1 year ago +1

      That's so sweet, tyvm! Glad you found the video!

  • @9jacafe118
    @9jacafe118 4 months ago +1

    Woow, that was educative and informative. You have done a great job.

  • @deadoralive8296
    @deadoralive8296 2 years ago +1

    Still watching your videos
    Thank you so much

  • @che3tah205
    @che3tah205 3 years ago +24

    Feeling lucky to find you even before you hit your first 100 subscribers.
    Wishing you 1M subscribers.

    • @Cybrcom
      @Cybrcom  3 years ago +2

      Thank you for the kind words!

  • @rockguru6656
    @rockguru6656 3 years ago

    You're a life saver .. bro surely u will grow .. plz make videos on kali tutorials

  • @Cybrcom
    @Cybrcom  3 years ago

    Our free eBook covers the topics reviewed in our course. It explores one of the biggest risks facing web applications today: SQL injections. Think of this as your reference guide that includes concepts to understand, attacks you can perform in safe & legal environments, and defense controls you can implement for your network, applications, and databases.
    Download your free eBook here: cybr.com/ebooks/sql-injection-attacks/

  • @WickedTwitches
    @WickedTwitches 3 years ago +1

    Holy crap this is exactly what I wanted.

    • @Cybrcom
      @Cybrcom  3 years ago

      Haha awesome! Glad you found it :D

  • @7838007133
    @7838007133 3 years ago +1

    Your English is so clear to understand for non-English native speakers like me. Thank you so much!

    • @Cybrcom
      @Cybrcom  3 years ago

      So happy to hear that! Glad you enjoyed it!

  • @mynamejeff2880
    @mynamejeff2880 3 years ago +3

    What, not even 1k subscribers? C'mon man, this guy deserves better

    • @Cybrcom
      @Cybrcom  3 years ago

      Haha thank you, that's very kind! The best way to help us grow is to help share our videos if you think someone could benefit from it! Thanks!!

  • @mohsenbaarzegar
    @mohsenbaarzegar 3 months ago +1

    Very awesome

  • @janekmachnicki2593
    @janekmachnicki2593 2 years ago +2

    I bought your course from Udemy, so well spent money THANKS

    • @Cybrcom
      @Cybrcom  2 years ago +1

      Thank you for your support ♥

    • @janekmachnicki2593
      @janekmachnicki2593 2 years ago

      @@Cybrcom I've just bought another one from udemy "The Practical Guide to sqlmap for SQL Injections"

  • @justkiddieng6317
    @justkiddieng6317 2 years ago +1

    1:39:24. LOL, well a lot of the time this is true but we need it. LOL. Thanks for this course, I hope you will upload more videos to help us, especially beginners. THAANNKSKSSSS

  • @user-gg8sj2ck3o
    @user-gg8sj2ck3o 4 months ago +1

    Is that working if I apply this union sqli query param=')) union select name,name,name,name,name,name,name,name,name from sqlite_master where type='table' -- in the login field to get all tables? I'm asking because I've tried it out but nothing happened. Is that because the login field isn't vulnerable to this query?

  • @mahesh6307
    @mahesh6307 4 months ago +2

    Most underrated

  • @user-wu1qj6uu5n
    @user-wu1qj6uu5n 5 months ago

    Is there a course to get more advanced on this attack? Like for example bypassing some stuff that is very common in SQL injection attacks?

  • @FLUFFYCAT_PNW
    @FLUFFYCAT_PNW 1 year ago +1

    Really great and informative video.

    • @Cybrcom
      @Cybrcom  1 year ago

      Thank you! Glad you liked it

  • @lichking5834
    @lichking5834 1 year ago

    thank you sooo much man

  • @profesurtom
    @profesurtom 13 days ago +1

    Hey, if we shut down our system or close the docker session do we need to download them again?
    And btw I love your videos and the content you provide. THANKS FOR THEM, you are just helping us more than you think!!!

    • @Cybrcom
      @Cybrcom  12 days ago +1

      You don't need to re-download the docker images, you can just re-launch a new container with the same image(s). But if you take actions in the container, those actions will get wiped every time you shut down the system or destroy the container. You can get around this if you need to by setting up persistent storage though: docs.docker.com/guides/docker-concepts/running-containers/persisting-container-data/

  • @uuusa7
    @uuusa7 3 years ago +2

    Bro, great job, helped me so much to learn, hopefully more videos from you.
    Thanks

    • @Cybrcom
      @Cybrcom  3 years ago

      Glad it helped :-)

  • @nimcoabdi8822
    @nimcoabdi8822 1 year ago

    Thanks, I'm here to prepare for my interview for cyber security consultant

    • @Cybrcom
      @Cybrcom  1 year ago

      Good luck! Hope it goes well

  • @user-fu6nj8lv5b
    @user-fu6nj8lv5b 4 months ago

    At 53:12 what is % referring to? Is that the encoding of a single quote or empty?

  • @zaksam3745
    @zaksam3745 2 years ago +1

    thanks

  • @profesurtom
    @profesurtom 9 days ago

    Isn't scanning a target the 2nd phase of pentesting?? Rather than Info Gathering?

  • @bricer4894
    @bricer4894 2 years ago +3

    Woow, I'm halfway through but enjoying it. I feel like I can hack any database now haha. Thanks for this content

    • @Cybrcom
      @Cybrcom  2 years ago

      Glad you're enjoying it!

  • @bricer4894
    @bricer4894 2 years ago

    Does the order matter when writing commands for sqlmap, e.g. (-u, --batch, --threads), or can the command run regardless of the arrangement? Thanks

    • @Cybrcom
      @Cybrcom  2 years ago

      The order of options doesn't matter much in terms of running the command, nope!

  • @chizzlemo3094
    @chizzlemo3094 3 years ago +1

    Hi mate, like your presenting style. Does [arch=amd64] apply if the PC is using Intel? I'm confused. Thanks y'all

    • @Cybrcom
      @Cybrcom  3 years ago

      Yes it does. Super confusing, I know. Here's a brief explanation of why it is what it is: wiki.debian.org/DebianAMD64Faq
      TL;DR: "AMD64 is the name chosen by AMD for their 64-bit extension to the Intel x86 instruction set."

  • @justkiddieng6317
    @justkiddieng6317 2 years ago +1

    Please do more videos. That would be great.

  • @user-gg8sj2ck3o
    @user-gg8sj2ck3o 3 months ago

    How do you know that we should use a lot of columns based on the target table, or is that what we should do in every union attack?

    • @Cybrcom
      @Cybrcom  3 months ago

      This would require a lot of trial and error to get the number of columns matching right if you were doing a blackbox test. Otherwise, this is information you could get from the engineering (app/database) team

  • @SEYIDMOHAMEDELKORY
    @SEYIDMOHAMEDELKORY 1 year ago +1

    Waiting for your course about the new version of ZAP. It's completely different

  • @itsksujan
    @itsksujan 7 months ago +1

    Great video on SQL injection, appreciate your effort 👏

  • @justkiddieng6317
    @justkiddieng6317 2 years ago +1

    If you can upload more full courses about web security, thanksss....

  • @mdzyrd407
    @mdzyrd407 1 year ago +1

    Hello! I am having a problem when pressing the launch browser in the manual explore. The browser displays, however, the zap hud is not showing and the search bar is color red instead of yellow or orange like in the video. It only displays the OWASP Juice Shop web application. Any help will be appreciated!
    Edit: changed OWSAP to OWASP

    • @Cybrcom
      @Cybrcom  1 year ago +1

      I’ve had a few other reports of this issue and believe it’s caused by an update to Firefox. Honestly, the HUD is not that useful once you start getting more familiar with ZAP, so learning how to use the HUD instead of the main ZAP client is not very important and could definitely be skipped. If you want to try a prior Firefox version though, that should fix it. Up to you!

    • @mdzyrd407
      @mdzyrd407 1 year ago

      @@Cybrcom thanks for the reply, I recently learned that I do not really need the HUD, I can use the desktop client which for me is better. Btw really great video and tutorial, I learned a lot and thanks again for replying to my message!!! Cheers!

  • @xanvong1501
    @xanvong1501 2 years ago +1

    Thanks! So awesome of you! Learning so much!

    • @cyberone14
      @cyberone14 2 years ago

      You're studying cyber security?

    • @xanvong1501
      @xanvong1501 2 years ago

      @@cyberone14 yes, I recently graduated with a Cybersecurity certification (30 credits). It is a competitive field to enter at entry-level. I am thinking of pursuing a Cloud certification with Azure or AWS. Application security jobs are in high demand and less competitive with other job applicants.

    • @cyberone14
      @cyberone14 2 years ago

      @@xanvong1501 well done :)

    • @Cybrcom
      @Cybrcom  2 years ago

      @@xanvong1501 congratulations, and that's a great idea. The cloud is in high demand and will remain so for the long-term, especially security!

    • @xanvong1501
      @xanvong1501 2 years ago

      @@Cybrcom Thanks so much 🙏

  • @sigge.g2193
    @sigge.g2193 1 year ago +1

    If you're having trouble with VirtualBox and it is "aborted", make sure to enable "AMD-V" in the BIOS settings

  • @ivanshyshkevich9301
    @ivanshyshkevich9301 9 months ago +1

    Question: why are you deploying Kali Linux through VirtualBox? Wouldn't it be easier to pull it through Docker as well? Great course, thank you!

    • @Cybrcom
      @Cybrcom  8 months ago

      Hey, normally I use VMs (something like VirtualBox for local or else cloud-based ones) for anything requiring a GUI, and Docker when I just need to run a server, an app, or scripts, either locally or as part of deployment pipelines... it entirely depends on what you want/need and your comfort level, but you have many options nowadays!

  • @sgshanks
    @sgshanks 2 years ago +1

    Solid content with clear explanation

    • @Cybrcom
      @Cybrcom  2 years ago

      Thank you ♥

  • @AfricanMemes-oq9eu
    @AfricanMemes-oq9eu 3 months ago

    Good morning, please, at the beginning while trying to set up docker..
    When I run the command... docker run --rm -it -p 80:80 vulnerables/web-dvwa
    I get an error message saying Error starting userland proxy
    Address already in use
    Docker: error response from daemon

    • @Cybrcom
      @Cybrcom  21 days ago

      Hi, did you get this resolved? Just in case for others who may have that problem: the error message tells you that port 80 is already in use. You either already ran that command and didn't kill the container before re-running it, or you have another service on your computer running on port 80. You can simply map it to a different port, like this: -p 8084:80

  • @aadilroshan7822
    @aadilroshan7822 1 year ago +1

    I love you man

  • @smert6379
    @smert6379 8 months ago

    When I do the automated scan on ZAP, it just crashes after a while every time. And I need to restart my VM to get it to open again. Any help?

    • @Cybrcom
      @Cybrcom  8 months ago

      Take a look at the error log and see what’s causing the issue. More details here: www.zaproxy.org/faq/somethings-not-working-what-should-i-do/

  • @user-fu6nj8lv5b
    @user-fu6nj8lv5b 5 months ago

    Is it possible to SQL inject the impossible level on DVWA blind SQLi?

    • @Cybrcom
      @Cybrcom  5 months ago

      It’s not supposed to be but you never know ;)

  • @user-wu1qj6uu5n
    @user-wu1qj6uu5n 5 months ago

    Can a DROP query delete a database and a column?

    • @Cybrcom
      @Cybrcom  5 months ago +1

      www.w3schools.com/sql/sql_drop_table.asp

  • @syamakella1297
    @syamakella1297 3 years ago +1

    Bro can u make a video on how to run DVWA on an AWS Kali instance

  • @fluidman777
    @fluidman777 2 years ago

    Hello, thanks a lot. At 53:30 after executing the union payload I'm getting "Invalid HTML header". Any solution? I have cross-checked everything.

    • @Cybrcom
      @Cybrcom  2 years ago +1

      Try copy/pasting directly from here. It's possible that a weird character snuck in: ')) UNION SELECT name,name,name,name,name,name,name,name,name FROM sqlite_master WHERE type='table' --
      Alternatively, make sure you didn't accidentally modify or delete any of the other headers, and make sure the GET request is on a separate line from the User-Agent line

    • @fluidman777
      @fluidman777 2 years ago

      @@Cybrcom thank you!

    • @fluidman777
      @fluidman777 2 years ago +1

      @@Cybrcom it worked! Thanks.

    • @Cybrcom
      @Cybrcom  2 years ago

      @@fluidman777 awesome!

    • @fluidman777
      @fluidman777 2 years ago

      @@Cybrcom could you be the one who was teaching Red Hat sysadmin prep on Udemy? I had bought the course but I can no longer find it.

  • @johncracker6934
    @johncracker6934 3 years ago +1

    Actually at minute 32:44 it will fail because it still has a closing quote; the working payload will be something like: 346'%20OR%20'1'='1

    • @Cybrcom
      @Cybrcom  2 years ago

      Thanks! Must have missed that one
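The comment above makes a point worth seeing in code: the query template already supplies the closing quote, so an injected value must re-balance the quotes or the statement simply fails to parse, and the course's application-layer fix is to stop building SQL from strings at all. The following is an added example, not code from the course or from Cybr: it URL-decodes the posted payload and runs it against an in-memory SQLite table whose rows are constructed here, once through a string-concatenated query and once through a parameterized one.

```python
import sqlite3
from urllib.parse import unquote

# Constructed sample rows for this example; not data from the course's lab.
SEED_ROWS = [(346, "Apple Juice"), (347, "Banana Juice"), (999, "Hidden Product")]

# The balanced payload from the comment above, still URL-encoded as it was posted.
BALANCED_PAYLOAD = "346'%20OR%20'1'='1"
# The unbalanced form the comment says fails: nothing closes the template's trailing quote.
UNBALANCED_PAYLOAD = "346' OR 1=1"


def make_db():
    """Fresh in-memory SQLite database with a tiny products table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?)", SEED_ROWS)
    return conn


def vulnerable_lookup(conn, user_input):
    """Concatenates the input into the SQL text. The single quotes belong to the
    template, so a payload must close the opening quote and leave the template's
    closing quote attached to a valid token, or the statement does not parse."""
    sql = f"SELECT id, name FROM products WHERE id = '{user_input}' ORDER BY id"
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.OperationalError:
        # The unbalanced payload leaves an unterminated string literal.
        return "syntax error"


def safe_lookup(conn, user_input):
    """Parameterized version: the input is bound as a value and never parsed as SQL,
    so a quote inside it is just a character and the row lookup stays a lookup."""
    sql = "SELECT id, name FROM products WHERE id = ? ORDER BY id"
    return conn.execute(sql, (user_input,)).fetchall()


def run_payload(raw_input):
    """URL-decode the input as a web app would, then run it through both lookups.
    Returns (vulnerable_result, safe_result)."""
    user_input = unquote(raw_input)
    conn = make_db()
    try:
        return vulnerable_lookup(conn, user_input), safe_lookup(conn, user_input)
    finally:
        conn.close()


if __name__ == "__main__":
    cases = [("normal", "346"), ("unbalanced", UNBALANCED_PAYLOAD), ("balanced", BALANCED_PAYLOAD)]
    for label, payload in cases:
        vuln, safe = run_payload(payload)
        print(f"{label:10} vulnerable={vuln!r}  safe={safe!r}")
```

The balanced payload makes the concatenated query return every row while the parameterized query returns none, because SQLite compares the whole decoded string against the integer column instead of executing it.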

  • @zbgh7693
    @zbgh7693 2 years ago +2

    Might be late but question: can mastering this tool get me a start-up job?
    Great video 🔥🙏🏼

    • @Cybrcom
      @Cybrcom  2 years ago

      It certainly wouldn't hurt, but you will need more than just mastering this specific tool (assuming you are referring to sqlmap). Most job postings will require knowledge of multiple tools and other concepts

    • @zbgh7693
      @zbgh7693 2 years ago

      @@Cybrcom I see, yeah makes sense. Would it be possible for you to make a video on what things you should know in order to land a start-up job or an internship in cyber security? I'm currently a 3rd year software engineering student and I'm all over the place. Would really appreciate it

  • @ingriedsiegbert9799
    @ingriedsiegbert9799 6 months ago

    What is „Chi Chi“?

  • @user-fu6nj8lv5b
    @user-fu6nj8lv5b 4 months ago

    At 53:12, what does the % stand for?

    • @Cybrcom
      @Cybrcom  3 months ago

      In SQL, it acts as a wildcard. So since it's paired with LIKE '%' it means match everything. If it were instead LIKE 's%' it would match every column that starts with the character s, and so on

  • @mohammadpatel2315
    @mohammadpatel2315 3 years ago

    When I try sqlmap I get parameter 'id' is not injectable

    • @Cybrcom
      @Cybrcom  3 years ago

      At which step in the course are you getting this message? And are you running the same command as shown in the video?

    • @pratibhasharma5935
      @pratibhasharma5935 2 years ago

      @@Cybrcom I am getting the same error. This error is shown when I use the same command as shown at 1:21:10

  • @user-wu1qj6uu5n
    @user-wu1qj6uu5n 5 months ago

    Can I create a new table in SQL Fiddle?

    • @Cybrcom
      @Cybrcom  5 months ago +1

      Yes

    • @Cybrcom
      @Cybrcom  5 months ago

      @@user-fu6nj8lv5b I'm not sure what you mean or what you're referring to

  • @geuxmer2355
    @geuxmer2355 9 months ago +6

    Idk why but it feels like every second I'm not learning cybersecurity, things are getting more secure and one day soon hacking will be phased out completely

    • @Cybrcom
      @Cybrcom  9 months ago

      I wouldn’t worry about it anymore because that’s definitely not the case :)

    • @Louisianish
      @Louisianish 6 months ago +1

      Cybersecurity professionals are more in demand than ever, and that demand is only growing.

    • @kuil
      @kuil 6 months ago

      It is getting harder to hack, but as new technologies are created, new exploits will be too.

    • @night0x1
      @night0x1 6 days ago

      Always be creative on your payloads and think out the box

  • @user-gg8sj2ck3o
    @user-gg8sj2ck3o 3 months ago

    Is name a column or a function?

    • @Cybrcom
      @Cybrcom  3 months ago

      Timestamp please

  • @francisdonald4298
    @francisdonald4298 2 years ago +1

    Why here seems easier but in live targets doesn't work!!!!?????????

    • @Cybrcom
      @Cybrcom  2 years ago

      It’s part of the grind & hunt!

  • @footballforall3113
    @footballforall3113 3 years ago +1

    Make one on XXE too please

    • @Cybrcom
      @Cybrcom  3 years ago

      I've actually got a brief section on XXE in the full version of this course here: cybr.com/courses/injection-attacks-the-free-guide/
      (Check out the "XML and XPATH injections" section)

  • @raviranjan5519
    @raviranjan5519 3 years ago +1

    Can you teach me digital forensics

    • @Cybrcom
      @Cybrcom  3 years ago

      We're talking to a couple of potential authors who are knowledgeable in digital forensics, and are hoping that will lead to courses on that topic!

  • @medorrah
    @medorrah 10 months ago

    I need anyone that is very good at injecting SQL to come to my aid

  • @emochain75
    @emochain75 2 years ago

    Brother, I got this video.. Does it need a wireless adapter for SQL injection? Cause I do not have money so that I can buy it,,,, And my laptop doesn't have that.. plzz reply😪😊

    • @Cybrcom
      @Cybrcom  2 years ago +1

      No wireless adapter is needed for SQL injection

  • @rtzgf67games7
    @rtzgf67games7 2 years ago +1

    Note to myself: 1:22:47

  • @karthikiyer1309
    @karthikiyer1309 3 years ago

    Right now you don't have 1k subs but I'm seeing ads on your video... how???

    • @Cybrcom
      @Cybrcom  3 years ago

      RUclips just announced a change to their ToS so they are now monetizing videos even if the channel isn't monetizing :(

    • @Cybrcom
      @Cybrcom  3 years ago

      From RUclips's announcement:
      "RUclips’s right to monetize: RUclips has the right to monetize all content on the platform and ads may appear on videos from channels not in the RUclips Partner Program."

  • @SQLxGuy
    @SQLxGuy 1 year ago

    What is it like being a good guy hacker?

  • @god9233
    @god9233 3 years ago

    Brother, but like this you are teaching people how to SQL attack.....

    • @Cybrcom
      @Cybrcom  3 years ago +1

      You have to understand how attacks can be carried out in order to truly protect your assets. The hope is that more people do good things with their skillset than bad, but ultimately you don't prevent bad things from happening by limiting training. Quite the opposite!

    • @belharra5756
      @belharra5756 3 years ago

      @@Cybrcom yes you're right, also I would appreciate it if you could make an SQL injection video with the new Kali Linux because many things changed like the docker download

    • @Cybrcom
      @Cybrcom  3 years ago

      @@belharra5756 here's an update on how to install Docker on the new Kali version. It's actually much simpler now!
      cybr.com/app-data-security-archives/how-to-set-up-the-dvwa-on-kali-with-docker/
      TL;DR:
      sudo apt update
      sudo apt install -y docker.io
      sudo systemctl enable docker --now
      sudo usermod -aG docker $USER
      newgrp docker

    • @god9233
      @god9233 3 years ago +1

      @@Cybrcom brother could you Pls make an updated version of sql injection on how to bypass waf

    • @Cybrcom
      @Cybrcom  3 years ago

      @@god9233 I'm actually working on one right now that will include that :-D

  • @Puseyeater69
    @Puseyeater69 1 year ago +2

    🙂👍

  • @turalkanal2113
    @turalkanal2113 1 year ago

    could you please assist me to solve this error: Failed to load R0 module D:\/VMMR0.r0: The path is not clean of leading double slashes: 'D:\/VMMR0.r0' (VERR_SUPLIB_PATH_NOT_CLEAN).
    Failed to load VMMR0.r0 (VERR_SUPLIB_PATH_NOT_CLEAN).
    Result Code:
    E_FAIL (0x80004005)
    Component:
    ConsoleWrap
    Interface:
    IConsole {872da645-4a9b-1727-bee2-5585105b9eed}
    I have been trying to solve for 3 days.

    • @turalkanal2113
      @turalkanal2113 1 year ago

      When I want to start the machine

    • @Cybrcom
      @Cybrcom  1 year ago

      Did you figure this out? You might want to uninstall/reinstall

    • @turalkanal2113
      @turalkanal2113 1 year ago

      @@Cybrcom I installed VB to c:/

    • @GodsGreatest
      @GodsGreatest 1 year ago

      Ask Chatgpt

  • @user-cn2uv1ms2t
    @user-cn2uv1ms2t 5 months ago

    do you have video to prevent sql injection using ML

    • @Cybrcom
      @Cybrcom  5 months ago

      I do not and haven’t seen one I can recommend