
SQL Injection – Login Bypass | PortSwigger Lab Note #2
Lab URL: https://portswigger.net/web-security/learning-paths/sql-injection/sql-injection-subverting-application-logic/sql-injection/lab-login-bypass
Tools Used: browser, Burp Suite

Vulnerability Summary:
Type: SQL Injection
Description: This lab contains a SQL injection vulnerability in the login function. To solve the lab, perform a SQL injection attack that logs in to the application as the administrator user.

Steps to Exploit:
1. First, open the login interface and enter arbitrary values for the account and password.
2. Submit the form and use Burp to intercept the request. The login request is easy to spot as the POST request. Modify the account value to administrator'--.
3. Finally, forward the request to complete the lab.

Remediation:
Use parameterized queries (prepared statements) instead of dynamic SQL.
Apply strict input validation on user-supplied data.
Use least-privileged database accounts to reduce impact.

Lessons Learned:
1. Try using the administrator acco
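To make the remediation concrete, here is an added example (not part of the original note or the PortSwigger lab) that puts the vulnerable login query beside its parameterized replacement and adds the input-validation check the note recommends. It uses an in-memory SQLite database with constructed sample users; the function names, the table layout and the plaintext password column are assumptions made for the demo (a real application stores a salted password hash and compares against that).

```python
import re
import sqlite3

# Constructed sample data: an in-memory SQLite database with two users.
# Passwords are stored in plaintext only to keep the demo short.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT NOT NULL)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("administrator", "correct-horse-battery"), ("wiener", "peter")],
    )
    conn.commit()
    return conn


def login_dynamic_sql(conn, username, password):
    """VULNERABLE: input is spliced into the SQL text.

    A quote in the username closes the string literal and '--' comments out
    the rest of the WHERE clause, so the password check is never evaluated.
    """
    query = (
        "SELECT username FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_parameterized(conn, username, password):
    """HARDENED: placeholders keep input as data, never as SQL syntax.

    The driver binds the values after the statement is parsed, so a quote or
    comment marker in the username is just part of a username that does not
    exist in the table.
    """
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(query, (username, password)).fetchone()
    return row[0] if row else None


# Strict allowlist for usernames: defence in depth on top of parameterization.
# The character class is an assumption for this demo; pick what your user
# directory actually permits.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_.-]{1,64}$")


def is_valid_username(username):
    return bool(USERNAME_RE.fullmatch(username))


def login_hardened(conn, username, password):
    """Validate first, then query with bound parameters."""
    if not is_valid_username(username):
        return None
    return login_parameterized(conn, username, password)


if __name__ == "__main__":
    db = make_db()
    payload = "administrator'--"
    print("dynamic SQL   :", login_dynamic_sql(db, payload, "x"))
    print("parameterized :", login_parameterized(db, payload, "x"))
    print("hardened      :", login_hardened(db, payload, "x"))
    print("valid login   :", login_hardened(db, "administrator", "correct-horse-battery"))
```

Run stand-alone, the dynamic-SQL function returns the administrator row for the lab's payload while both hardened variants return None, which is the behaviour a code reviewer should look for when checking a login handler. The third remediation point, a least-privileged database account, is not something this snippet can show: it belongs in the database grant configuration, so that even a successful injection cannot read or alter tables the login path does not need.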