Well I imagine that most of them know how to do SQL injection or at least basic concepts (for saying write a query in a text box), but how can SQL injection be done from a control NOT Editable (Example combo box) How can I change the value of a combo that is sent to the server? Thanks for your help.
do SQL Injection from ComboBox control
-1
2 answers
2
In a more traditional way, using a browser: Right click, inspect element, double click on the code you want to change and change it, for example you remove the "disabled", change the values of the drop-down that you mention and so on. All this information was written for academic purposes, I can not be held responsible for any damages that may be caused by misusing the present response.
For more information about inyecciones SQL and other vulnerabilities in web applications, I recommend visiting OWASP
answered by
26.07.2016 в 18:13
1
to intercept the request to the server and then inject your sql code, java Script, etc; you can use Burp Suite, this tool has a free version which you can configure to alter requests to the server, perform injection and program scripts. another option is to use ZAP which is a penetration testin tool based on the top ten OWASP.
Burn: link
Greetings
answered by
26.07.2016 в 18:06