
7.19.2021

PortSwigger Academy SQL injection login bypass walkthrough

This is the second of the labs for SQL Injection, the first section of the apprentice track in PortSwigger Academy. Like the first lab, it doesn't require Burp Suite, although you can use it. I chose not to.

The lab website is a sample store.  Click the My Account link at the top of the page.


This takes you to a login page. 


In the Username box, type administrator'-- and in the password box, enter anything. The single quote closes the username string and the -- turns the rest of the query into a comment, so the password is never checked. That's it: you're now logged in as administrator, and the banner pops up congratulating you on completing the lab.
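Why the lab's login falls to that input, and what fixes it, shown as an added example that is not part of the lab or the original post. It assumes the login builds its query by string concatenation; the users table, its columns, the sample rows and the function names are all made up for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data. Table and column names are assumptions, and
    # passwords are plaintext only to keep the sample short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("administrator", "s3cret-admin"), ("wiener", "peter")])
    return db

def build_vulnerable_query(username, password):
    # Assumed vulnerable pattern: user input concatenated into the SQL text.
    return ("SELECT username FROM users WHERE username = '" + username +
            "' AND password = '" + password + "'")

def login_vulnerable(db, username, password):
    row = db.execute(build_vulnerable_query(username, password)).fetchone()
    return row[0] if row else None

def login_parameterized(db, username, password):
    # Hardened form: placeholders keep the input as data, so a quote or --
    # inside the username can never change the structure of the query.
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password)).fetchone()
    return row[0] if row else None

if __name__ == "__main__":
    db = make_db()
    name, pw = "administrator'--", "anything"
    # The printed query shows the password clause sitting behind the comment.
    print(build_vulnerable_query(name, pw))
    print("vulnerable login returns:   ", login_vulnerable(db, name, pw))
    print("parameterized login returns:", login_parameterized(db, name, pw))
```
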
