SQL Injection Tryhackme Writeup
Room link: https://tryhackme.com/room/sqlibasics
Note: This room is for Premium members only (those who have purchased a THM premium membership).
Definition
Union-based SQLi is a SQL injection technique that leverages the UNION SQL operator to combine the results of two or more SELECT statements into a single result which is then returned as part of the HTTP response.
Approach
The UNION keyword lets you execute one or more additional SELECT queries and append the results to the original query. For example:
SELECT 1, 2 FROM usernames UNION SELECT 1, 2 FROM passwords
This SQL query returns a single result set with 2 columns, combining the rows selected from usernames with the rows selected from passwords.
A UNION SQLi attack consists of 3 stages:
1. You need to determine the number of columns you can retrieve.
2. You make sure that the columns you found are in a suitable format.
3. Attack and get some interesting data.
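To see why the column count matters and how the injection is closed off, here is an added example (not code from the room or from this writeup) that runs the same lookup with string concatenation and with a bound parameter against an in-memory SQLite database. The column names, sample rows and function names are assumptions made for the illustration; only the table names usernames and passwords come from the query above.

```python
import sqlite3

def make_db():
    """Constructed in-memory database; all rows are sample values."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE usernames (id INTEGER, name TEXT);
        CREATE TABLE passwords (id INTEGER, secret TEXT);
        INSERT INTO usernames VALUES (1, 'alice'), (2, 'bob');
        INSERT INTO passwords VALUES (1, 'sample-secret-1'), (2, 'sample-secret-2');
    """)
    return db

def lookup_vulnerable(db, user_id):
    # Weak: the input is concatenated into the SQL text, so the database
    # parses it as SQL and a UNION in the input becomes part of the query.
    query = "SELECT id, name FROM usernames WHERE id = " + user_id
    return db.execute(query).fetchall()

def lookup_parameterized(db, user_id):
    # Hardened: the input is bound as a parameter and is only ever compared
    # as a value; it can never add a second SELECT.
    query = "SELECT id, name FROM usernames WHERE id = ?"
    return db.execute(query, (user_id,)).fetchall()

def union_column_mismatch_error(db):
    # UNION requires both SELECTs to return the same number of columns,
    # which is why stage 1 is about finding that number.
    try:
        db.execute("SELECT id, name FROM usernames UNION SELECT id FROM passwords")
    except sqlite3.OperationalError as exc:
        return str(exc)
    return None

# Constructed input: a two-column UNION matching the two-column original query.
CRAFTED = "0 UNION SELECT id, secret FROM passwords"

if __name__ == "__main__":
    db = make_db()
    print("normal input     :", lookup_vulnerable(db, "1"))
    print("concatenated     :", lookup_vulnerable(db, CRAFTED))
    print("parameterized    :", lookup_parameterized(db, CRAFTED))
    print("column mismatch  :", union_column_mismatch_error(db))
```

The concatenated version returns rows from passwords, while the parameterized version returns nothing for the same input because the whole string is compared against id as a single value.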
> Determining the number of columns required in an SQL injection UNION attack
There are exactly two ways to detect one: