From the course: Burp Suite Essential Training
Join today to access over 24,900 courses taught by industry experts.
Inserting an SQL injection via Burp Suite - Burp Suite Tutorial
From the course: Burp Suite Essential Training
Inserting an SQL injection via Burp Suite
- [Instructor] We'll often see websites which are supported by SQL databases, either built into the platform or on a backend server. SQLmap is a key tool to use on these sites to identify the SQL server and to determine whether it's exploitable. Burp Suite and SQLmap are often used together. Let's see how we can use them as a tool set to gain access to an SQL database, using the Europa server which we have on our LinkedIn learning lab. Let's make sure the Europa Corp admin portal, which we found using our previous reconnaissance, is in our host file. sudo nano /etc/hosts. And we'll add 10.10.10.22, admin-portal.europacorp.htb. And we'll save that. Okay. Now, in Burp Suite, let's set the target scope, and we'll add in https://admin-portal.europacorp.htb. Okay, and proxy intercept off. Open a browser, and visit https://admin-portal.europacorp.htb. The portal is looking for an email address and a password. Let's send in…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.