Interested in supporting me and gaining early access to the Web Security Academy videos when they're recorded? Consider buying my course: academy.ranakhalil.com/p/web-security-academy-video-series! ✨ ✨
thanks a lot for the walkthrough, the entire series has been a blast!, I admire you: working until 2:30 am in the morning is just for experts!, amazing, seriously
Amazing work and tutorial series. Keep up the good work Rana. Just a quick point, for efficiency - at intrusion part - we could just check if length of password is = to the payload (in this case numbers 1~25) instead of > . This way only the exact length (20) will take 10sec. ...LENGTH(password)=§1§...
tnx a lot professor i have one question when we use substr and when we use substring function in latest Labs somewhere we used substring like this example: ' and (select substring(password,1,1) from users where username='administrator')='a'-- and somewhere we used substr like this example: ' || (select CASE WHEN (1=1) THEN TO_CHAR(1/0) ELSE '' END FROM users where username='administrator' and substr(password,1,1)='a') || '
I tried over and over again, and downloaded this Python script and used it, changed the TrackingId and session and URL to match my fresh session, and was not able to get this to work. the Python Script runs, but never retrieves a result. It just continues to cycle through the ASCII characters. I'm on Python 3.11.6 on OSX 14 Sonoma.
I tried this again in the morning, with a fresh start, and the python script works. So it's not my python version, and I'm using the same code, the only difference I can see is that I added the /filter?category=Pets to the url.
Is there a way to get the trackingid and session cookies using the script itself rather than having to add it manually? I tried using the r.cookies.get_dict() method but the cookies don't match with the ones opened in the lab probably because I'm sending another request to get the cookies.