SQL Injection - Lab #3 SQLi UNION attack determining the number of columns returned by the query

In this video, we cover Lab #3 in the SQL injection track of the Web Security Academy. This lab contains a SQL injection vulnerability in the product filter category field. This vulnerability can be exploited using a UNION attack to retrieve data from other tables. To solve the lab, we perform a SQL injection attack that determines the number of columns that are being returned by the query.This is the first step of a SQL injection UNION attack. We'll use this technique in subsequent labs to construct the full attack. ▬ ✨ Support Me ✨ ▬▬▬▬▬▬▬▬▬▬ Buy my course: https://academy.ranakhalil.com/p/web-security-academy-video-series ▬ Links ▬▬▬▬▬▬▬▬▬▬ Detailed video: https://www.seevid.ir/fa/w/4aS6j3cBVUU SQL injection Lab #2 video (previous video): https://www.seevid.ir/fa/w/fMPvCyD2v4w SQL Injection | Complete Guide (theory video): https://www.seevid.ir/fa/w/1nJgupaUPEQ Notes.txt document: https://github.com/rkhal101/Web-Security-Academy-Series/blob/main/sql-injection/lab-03/notes.txt Web Security Academy: https://portswigger.net/web-security​​ Rana's Twitter account: https://twitter.com/rana__khalil

• #science_technology
• #security
• #web_security
• #owasp
• #open_web_application_security_project
• #sqli
• #sql_injection
• #portswigger
• #web_security_academy
• #python
• #offensive_security
• #bug_bounty
• #scripting
• #burp
• #burp_suite
• #oswe
• #offensive_security_web_expert