Wednesday, June 14, 2017

Numeric SQL Injection

Numeric SQL Injection Task Now we need to know the admins(Neville) user ID. To find it,  Start tamper data and check the employee id. this is what I can see. Now I know the admins user id. After that we can loging as normal user then we can see below  screen. In view profile below are the parameters what I can see. Now we can try and chage the employee_id data. If I change it to 112. Not sucessfull. After that we...