Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
I am binging this whole series thank you for being an amazing explainer. As soon as I can afford it I am going to pay for your video series to show support to you. THANK YOU
i have 2 questions 1. with concat string, when you consider with mysql, why did u using || instead of space? (in cheatsheet they're using space) 2. in a query: seclect tracking-id.... why did it end with ' ? can u explain, thank you so much!
@@shba9300 an and need a condition after it because the query is something like SELECT X FROM Y WHERE Z='xxxxxx' so if we add AND we need a condition having sleep after it will not have any sencce and it will result a syntax error and in this case we can't see the result of a syntax error
@@ahmedsaleem9327 an and need a condition after it because the query is something like SELECT X FROM Y WHERE Z='xxxxxx' so if we add AND we need a condition having sleep after it will not have any sencce and it will result a syntax error
In this tutorial why did on providing single quote on tracking cookie did not throw internal error? , if so how will we know that the parameter is vulnerable to sql injection
I know it's a late reply but perhaps as you're giving 2 instructions. 1 for the timing delay and the other for length of time? This seems to be logical to me as || is used to join strings / commands.
Dont know if this video is alive and someone replying but I think it was best that if you explaining the xploit part by part, it best to also explain why did you use || to concatenate, I have no idea what made you want to put that, and its ashame cause SQLi is all about logic
@@amiremami8661@danielklibanov5797 It seems like the decision to use || was incorrect for a mysql back end since mysql uses CONCAT() for concatenation. || was used since it is the concatenation operator for postrgresql DB which is what is running on the back end for this lab. (If a function is concatenated it is executed as part of the concatenation, hence causing the DB to sleep). However, if all sleep payloads were to be tried as implied in the vid, it would be incorrect to use || as the concatenation operator for all of them. Fwiw, mysql can be configured to use || as a concatenation operator, but there is no way the attacker should assume that it's configured that way.