Is your password for sale on the Dark Web? Find out now with Dashlane: https://www.dashlane.com/networkchuck50 (Use code networkchuck50 to get 50% off) In this video, we’re learning one of the oldest, yet most dangerous Hacking Techniques out there, SQL Injection. Despite SQL Injections being over 20 years old, they still rank number 3 on the OWASP Top 10 List….why? Even fortune 500 companies are still vulnerable to these attacks!! So, in this video, NetworkChuck will show you how to run an SQL Injection attack. Running a basic SQL Injection attack is pretty easy but will often become more complex with trickier targets. Stuff from the Video --------------------------------------------------- TARGET SITE (Altoro Mutual): https://demo.testfire.net/index.jsp MORE practice: https://play.picoctf.org/practice/challenge/304?page=1&search=sqli How to protect against SQL Injection attacks: https://www.crowdstrike.com/cybersecurity-101/sql-injection/ 🔥🔥Join Hackwell Academy: https://ntck.co/NCAcademy **Sponsored by Dashlane SUPPORT NETWORKCHUCK --------------------------------------------------- ➡️NetworkChuck membership: https://ntck.co/Premium ☕☕ COFFEE and MERCH: https://ntck.co/coffee Check out my new channel: https://ntck.co/ncclips 🆘🆘NEED HELP?? Join the Discord Server: https://discord.gg/networkchuck STUDY WITH ME on Twitch: https://bit.ly/nc_twitch READY TO LEARN?? --------------------------------------------------- -Learn Python: https://bit.ly/3rzZjzz -Get your CCNA: https://bit.ly/nc-ccna FOLLOW ME EVERYWHERE --------------------------------------------------- Instagram: https://www.instagram.com/networkchuck/ Twitter: https://twitter.com/networkchuck Facebook: https://www.facebook.com/NetworkChuck/ Join the Discord server: http://bit.ly/nc-discord 0:00 ⏩ Intro 0:39 ⏩ Sponsor - Dashlane 1:43 ⏩ How Websites work with Databases 2:08 ⏩ What is a SQL Injection?? 2:51 ⏩ Strings in SQL Queries 3:25 ⏩ Is a website vulnerable to SQL Injection? 4:14 ⏩ SQL Query Logic 4:45 ⏩ the OR SQL Injection Payload 7:13 ⏩ the COMMENT SQL Injection Payload 8:42 ⏩ how to protect against SQL Injections AFFILIATES & REFERRALS --------------------------------------------------- (GEAR I USE...STUFF I RECOMMEND) My network gear: https://geni.us/L6wyIUj Amazon Affiliate Store: https://www.amazon.com/shop/networkchuck Buy a Raspberry Pi: https://geni.us/aBeqAL Do you want to know how I draw on the screen?? Go to https://ntck.co/EpicPen and use code NetworkChuck to get 20% off!! #sqlinjection #owasptop10 #sqli
ADVERTISEMENT
Teach me how to get the passwords and email addresses I need I will pay you.
The best YouTube channel all the time 🎉🎉🎉 Long Live NetworkHuck ✍️👍
7:35 that is the hash-sign, never mind, this was fun, esp. because you presented every hacker's favourite bank ;-)
dang bro i did it in 5 seconds
The OR payload statment works also the banking site is fake but good for testing
I love how you started the video.
Hacking / cracking tutorials are so funny because they tell you "bro we don't encourage you to hack this is just for education" and 3 minutes later they teach you how to hack cyberstan
Hello from 3 years later. This is one of the best explanations I've found so far, I had like 3 different "A-HA!" moments while I was watching it :D thank you!
For those who don't know what to do? the password and admin is: admin admin
Who else accidentally guessed the password on the website and had to go back to test the SQL injection
crazy how simple it looks compared to how you imagine, well this one i guess
Hi Chuck , I was Learning SQL and I got your Video in recommendation , the way you are explaining Things and simplifying things are best , I have learned SQL Injection , But haven't understand at that time , The way of explaining is just "the Best ". I feel proud to be your Subscriber , you have earned it Mate !!!, Lots of Love From India !!!!!!!
I just typed admin admin and I got the admin panel without using SQL
This is the first video I’ve watched from your channel, and I absolutely loved it! I wish more teachers explained concepts the way you do. Just subscribed – looking forward to learning more!
2 years later i logged into the website within 3 seconds FANTASTIC video D:
Years passed, the way you teach is very interesting and very productive
I am here two years later and like one of the comments on here, I know this website is made vurnable however it does make me feel like legend! Lastly thank you for all your content, it has reignited my passion for tech and directed me on the road to success as I am finishing my degree in Computer Information Systems. I learned more from you about python then I did my own professors!
An entire college course in 10 minutes 🤭
Excellent basic video on SQL injection
I did it first try!! This was fun and your step-by-step process is simple and easy to follow.