
There is a form that I'm trying to crack. It has two fields: username & password.

When I enter `1'; WAITFOR DELAY '00:00:15' --` in username, it tries to load for about 40 seconds, then it shows this error.

I get the same error as above with other inputs that try to do SQL injection.

I think that form is vulnerable. Am I right? How can I take advantage of it?

The website is written in Java as a backend language.

Youssef13
  • See [another of my answers](https://security.stackexchange.com/questions/186345/how-to-extract-data-using-sql-injection-on-a-vulnerable-asp-net-application/190155#190155) about how these injections could be used. Even if I'm unsure this place is for teaching exploits to newcomers. Still, that process often works well to spot real injectable fields while relying on "I got an error page when trying this/that" won't. – Xenos Jul 25 '18 at 14:10
  • Apologies! I spotted another typo too - try `' OR 1=1; --` and see if that works, the `--` comments out the rest of the SQL statement on the server side – Connor J Jul 25 '18 at 14:48
  • I'm getting the same result ==> The connection was reset – Youssef13 Jul 25 '18 at 14:51
  • Is this a blackbox or whitebox situation? You know what the website was written in. Do you have access to the code? – JimmyJames Jul 25 '18 at 15:27
  • @JimmyJames blackbox, but it's not being used for harming anybody, so, I don't have access to the code. – Youssef13 Jul 25 '18 at 15:29
  • Do you have permission to test? – schroeder Jul 25 '18 at 15:34
  • No, the purpose of that is to tell website owners to fix it. – Youssef13 Jul 25 '18 at 15:38
  • @Youssef13 Then you've done about all you can without becoming a "malicious entity". Your best bet is to inform them of the suspected issue and only continue testing if they ask for more specifics and give you permissions to test (you don't want to accidentally be responsible for breaking their whole system). – Delioth Jul 25 '18 at 16:27
  • @Delioth, they want proof that there is an issue in the system. I'm not going to break their whole system. It's all about finding the correct vulnerability to inform them so they fix that. – Youssef13 Jul 25 '18 at 17:21
