How would you check for SQLi vulnerability?

SQLi 1

santer9
7 years ago

0

So, I know this is supposed to be completed with SQLi, however I checked the inputs by passing some meta characters into it but I’ve no server error message so if this where another form I wouldn’t know if it’s SQLi vulnerable(or even if it’s using SQL by that matter). Off course this errors are being filtered on the back end so as to not be passed to the user, but is there any way to check for that?

1reply
2voices
159views

0

A good starter point to test if a site is vulnerable to SQLi is to run strings that test timing responses from the server,
this video will help explain things with a little bit more detail

Not sure if this is exactly what you were asking but it may help.

You must be logged in to reply to this discussion. Login
1 of 2

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss