Along of my process solving CTF and VBD challenges I’ve noted that When I face challenges relationship with SQLi or those in which I must find and exploit that kind of vulnerability. I’m having some problems to solve them and It’s clear that I have to work so hard in this subject if I want to solve challenges with higher difficult level.
What do you understand or find about that problem
I think that nowadays there are several methodologies to do a SQLi attack and until this moment I’ve explored and studied only some of them.
You make any workaround? What did you do?
Clearly I’ve been searching information relationship with this subject in internet. However until this moment I feel that although I’ve strengthened my knowledge in this topic. It’s clear that I have a large number of techniques to learn in this area.
Evidences
It can see below some of the consulted bibliography
I’d like that some of you who know and have find out a large number of techniques to carry out this kind of attack to advice or recommend me bibliographic specialized material or any kind of learning advanced material which could help me to improve my knowledge and skills to solve more difficult challenges and learn more about in this field.
Actually, there’s plenty of resources out there that can be useful, there’s no particular roadmap to learn how to SQLi, it is up to you to decide which sources suit best for your learning, you can start by theoretical and examples lessons such as:
This is only one route you can take, if you’re already familiar with the theory you can start by the challenges.
Remember that SQLi is only one vulnerability, so if you’re planning to learn to hack it is wise to learn other common vulnerabilities and misconfiguration. Hope it helps
Hi @hermit-purple
I really thank your help .
Having checked the first links, I’ve found clear explanations about SQLi which mix with some practical and simple exercises have allowed me to understand in a better way the SQLi working. Now I plan to work more with the labs links to apply that knowledge and assess my learning. On the other hand I totally agree with you since it’s necessary to know a large number to vulnerabilities to hack a real system so I’m going to keep studying and researching about them.