Hi, and welcome to this new video!

In this video I introduce one of the most famous vulnerabilities in the context of Web Exploitation, namely SQL injections.

In particular, we will talk about databases and the SQL language, then we will discuss programming languages, interpreters, and the main idea behind injection vulnerabilities. Finally, we will see two practical examples of SQL injections, one taken from DVWA and the other from SecureBank, two applications written with the intent to be vulnerable.

If you're interested in more videos of the series or if you have any feedback, please let me know!

-------------------------

TIMESTAMP

00:00 Introduction
03:15 Databases and Structured Query Language (SQL)
16:40 Simple queries
22:30 Interpreters
27:15 Injections
30:42 Example 1 – PHP Snippet
38:30 Example 2 – DVWA easy
50:10 Example 3 – DVWA medium
53:44 Example 4 – SecureBank

-------------------------

REFERENCES

- Material: https://github.com/LeonardoE95/yt-en/tree/main/src/2024-03-03-web-exploitation-sql-injections
- SecureBank: https://github.com/ssrdio/SecureBank
- DVWA code: https://github.com/LeonardoE95/DVWA
- BurpSuite Community Edition: https://portswigger.net/burp/communitydownload
- Icon for thumbnail: https://www.flaticon.com/free-icons/vaccine


-------------------------

CONTACTS

- Blog: https://blog.leonardotamiano.xyz/
- Github: https://github.com/LeonardoE95?tab=repositories
- Support: https://www.paypal.com/donate/?hosted_button_id=T49GUPRXALYTQ