Thank you for the helpful vid. Currently your methods are working with one of the OSCP labs that i'm working on. Your explanations are helpful as well and point me towards the correct direction for learning
You've done a mistake here there is no single quote at the beginning of the original query...The breakout is to break out of the string after the where query. So it would be something like this : select * from users where username = 'intended user input ``` select * from users where username = 'something' or 1 = 1 -- - ``` To further explain that the example you gave wouldn't really make sense as the original query is what specifies an opening to user input which is where the root of all sql injections and thus you can only partially break out of the original query and you wouldn't have a single quote a the beginning of any query anyway...