1 00:00:12,190 --> 00:00:14,720 Hey, guys, welcome back to another episode on How to Hack. 2 00:00:15,250 --> 00:00:19,200 So over here, we have already installed WebGoat and we have WebGoat running. 3 00:00:19,660 --> 00:00:24,400 So we're going to go into A1, which is under injection on the left side, as you can see. 4 00:00:24,700 --> 00:00:30,370 So, as mentioned earlier, WebGoat is a vulnerable Web application system that we can penetrate into. 5 00:00:30,490 --> 00:00:36,130 At the same time, they have structured the entire curriculum to make it very, very easy for us to 6 00:00:36,130 --> 00:00:41,170 learn about cyber security, especially in a real Web application penetration testing. 7 00:00:41,590 --> 00:00:44,640 OK, so we are going to go into SQL injection intro. 8 00:00:44,920 --> 00:00:45,150 All right. 9 00:00:45,220 --> 00:00:51,010 So over here, we're going to learn about structured query language and how it is being utilized by 10 00:00:51,010 --> 00:00:58,870 websites, Web application systems, as well as mobile application systems to actually allow users and 11 00:00:58,870 --> 00:01:00,840 systems to store records. 12 00:01:01,060 --> 00:01:07,570 And when I say records, it could be a user database, credit card information, shopping cart and many 13 00:01:07,570 --> 00:01:14,080 other database systems that they could actually use to manage and power recording all this different 14 00:01:14,080 --> 00:01:14,500 data. 15 00:01:15,040 --> 00:01:21,370 So, of course, they're going to go through about query, SQL injection and how SQL fundamentals 16 00:01:21,370 --> 00:01:21,590 work. 17 00:01:21,610 --> 00:01:26,800 So I think this is a really important step in terms of learning how SQL injection comes about. 18 00:01:27,520 --> 00:01:29,320 So first things first, on number 19 00:01:29,320 --> 00:01:34,590 item two, what is SQL? SQL stands for structured query language. 
20 00:01:34,600 --> 00:01:40,690 So it is a query language that helps us be able to pull records, update table information, delete tables, 21 00:01:40,690 --> 00:01:47,710 drop tables and all this manipulation inside a database system, and a database system can be from Microsoft 22 00:01:47,710 --> 00:01:48,340 SQL. 23 00:01:48,340 --> 00:01:50,590 It could be from PostgreSQL. 24 00:01:50,920 --> 00:01:53,830 It can be many of those different kind of database systems. 25 00:01:54,400 --> 00:01:55,810 So here we have a table. 26 00:01:55,900 --> 00:02:04,560 So a table is a 2D row and column and allows us the ability to store data almost like an Excel sheet format. 27 00:02:04,930 --> 00:02:07,510 And over here we have the columns. 28 00:02:07,540 --> 00:02:07,780 All right. 29 00:02:07,780 --> 00:02:11,350 So the columns, as you can see, are identified by the column names. 30 00:02:11,560 --> 00:02:16,290 So we have user ID, first name, last name, department, salary, auth_tan. 31 00:02:16,300 --> 00:02:16,530 All right. 32 00:02:16,540 --> 00:02:22,240 So this can be, for example, a password for you that is used to authenticate users into the system. 33 00:02:22,660 --> 00:02:30,160 And a user ID is a unique value, is a unique value to uniquely identify and distinguish across the 34 00:02:30,160 --> 00:02:30,960 different rows. 35 00:02:31,150 --> 00:02:37,840 So all these rows represent data for one specific, perhaps user as part of recordkeeping. 36 00:02:38,500 --> 00:02:44,440 And of course, as we scroll all the way down, we can look at how we can construct a system to do SQL 37 00:02:44,440 --> 00:02:45,030 query. 38 00:02:45,400 --> 00:02:46,240 So in our case. 39 00:02:46,240 --> 00:02:51,570 All right, look at the example table, trying to retrieve the department of the employee, Bob Franco. 40 00:02:51,760 --> 00:02:56,440 OK, so what we can do here is we can try to retrieve those data and we can see that Bob 
41 00:02:56,440 --> 00:02:58,550 Franco has a user ID of the following. 42 00:02:58,870 --> 00:03:04,510 So what we will do now is to use of course, you can go to school costs dot com so we can use select 43 00:03:05,380 --> 00:03:08,020 asterisk stands for all, from. 44 00:03:08,380 --> 00:03:08,860 All right. 45 00:03:08,980 --> 00:03:18,640 Employees where user ID equal, and we can paste the user ID data over here, so we can paste the user data 46 00:03:19,060 --> 00:03:20,350 and then click submit. 47 00:03:20,590 --> 00:03:27,160 So once you click submit it will immediately pull those records that comply with this specific filter. 48 00:03:27,160 --> 00:03:29,650 Where the user ID is nine six one three four. 49 00:03:29,650 --> 00:03:33,650 And it will pull up this specific row of all these different details. 50 00:03:34,060 --> 00:03:39,250 So in this case, we can see the salary, the auth_tan, the department, last name, the first name, the user 51 00:03:39,250 --> 00:03:39,620 ID. 52 00:03:39,940 --> 00:03:46,070 So all that information inside a table with all of those columns in relation to the row will be pulled 53 00:03:46,070 --> 00:03:46,310 out. 54 00:03:46,360 --> 00:03:49,980 OK, so this is the basic of how a SQL query is being run. 55 00:03:50,170 --> 00:03:54,220 So every time you're logging into a website, you're logging into a site and so on. 56 00:03:54,760 --> 00:04:00,160 What it does is that it will actually pull those records, do a check on a record, and then after that 57 00:04:00,160 --> 00:04:04,630 allow you access into the site depending on whether you pass or fail to log in. 58 00:04:05,560 --> 00:04:06,440 And we have DML. 59 00:04:06,490 --> 00:04:09,100 DML stands for data manipulation language. 60 00:04:09,110 --> 00:04:15,400 OK, so they allow us to select, insert, update, delete table information and of course, attacker. 
61 00:04:15,400 --> 00:04:21,820 If we know how to utilize data manipulation language, they can change the information of a particular 62 00:04:21,820 --> 00:04:24,760 table record or many rows in a table. 63 00:04:24,970 --> 00:04:32,170 OK, so these are the different data manipulation language commands: storing, retrieving, modifying 64 00:04:32,170 --> 00:04:33,070 and deleting data. 65 00:04:33,280 --> 00:04:38,320 OK, so over here we have an example where we are receiving and retrieving data. 66 00:04:38,870 --> 00:04:45,480 OK, and now what we will do is to change information of a particular row using data manipulation language. 67 00:04:45,700 --> 00:04:52,360 So what we can do is use update or update will be the instruction that we will send so we can do update. 68 00:04:53,140 --> 00:04:58,680 OK, and another good thing is that I'll be pasting into the comments section over here. 69 00:04:58,720 --> 00:05:05,140 So I've actually created and all the payloads that we will use as part of learning about how to run 70 00:05:05,140 --> 00:05:05,940 all these attacks. 71 00:05:06,280 --> 00:05:09,590 So this is for item number two: update employees set department 72 00:05:09,690 --> 00:05:16,260 equal sales, all right, and where user ID is equal, so we are doing a direct filter again. 73 00:05:16,290 --> 00:05:19,190 OK, so all I got to do is paste the information here. 74 00:05:19,560 --> 00:05:20,080 Update. 75 00:05:20,430 --> 00:05:20,850 All right. 76 00:05:20,880 --> 00:05:24,580 This is the table name, set the column name. 77 00:05:24,840 --> 00:05:25,260 All right. 78 00:05:26,480 --> 00:05:33,290 Into sales, and then where the user ID belongs to, and of course, Tobi Barnett has a user ID of 79 00:05:33,290 --> 00:05:34,710 eight, nine, seven, six, two. 80 00:05:34,730 --> 00:05:36,140 So go ahead and click submit on it. 81 00:05:37,220 --> 00:05:41,240 So once you click submit on it, it will say you have successfully completed the assignment. 
82 00:05:41,660 --> 00:05:47,770 And this will immediately show us the information that has been updated to the department of the user. 83 00:05:47,990 --> 00:05:50,720 So immediately we can find out those details over here. 84 00:05:50,750 --> 00:05:52,940 OK, so we have updated the table. 85 00:05:53,490 --> 00:05:53,750 All right. 86 00:05:53,760 --> 00:05:56,630 So moving on into section number four. 87 00:05:56,660 --> 00:06:01,280 Look at lesson number four, we have data definition language or so. 88 00:06:01,280 --> 00:06:06,680 This is about creating the database, especially in the area of defining data structures. 89 00:06:06,680 --> 00:06:11,210 Database schemas will let us understand how data should be signed in a database. 90 00:06:11,270 --> 00:06:15,870 OK, so this is also important in terms of the database structure. 91 00:06:15,920 --> 00:06:16,250 All right. 92 00:06:16,260 --> 00:06:18,680 So we have create, creating a table. 93 00:06:18,800 --> 00:06:19,190 All right. 94 00:06:19,460 --> 00:06:21,970 Or trimming a table, dropping a table in itself. 95 00:06:22,190 --> 00:06:26,870 So whenever we have a table inside a database system, we have to first create a table. 96 00:06:27,290 --> 00:06:30,020 And by creating a table, we have different multiple columns. 97 00:06:30,170 --> 00:06:34,270 So the columns would have over here first name, last name, user ID. 98 00:06:34,460 --> 00:06:37,100 And over here we can see there was a primary key. 99 00:06:37,280 --> 00:06:37,510 All right. 100 00:06:37,520 --> 00:06:45,110 So one of the columns has to be a primary key to uniquely identify the values inside each of the rows 101 00:06:45,110 --> 00:06:45,960 inside the table. 102 00:06:46,000 --> 00:06:49,250 OK, and then we have variable and character. 103 00:06:49,340 --> 00:06:55,520 OK, so this is the type of data that we are going to input into a particular column. 104 00:06:56,360 --> 00:06:58,670 So over here we have the SQL query as well. 
105 00:06:58,700 --> 00:07:00,200 OK, so what can we do now? 106 00:07:00,200 --> 00:07:04,620 Try to modify the schema by adding the column phone to the table employees. 107 00:07:05,180 --> 00:07:07,970 So over here I'm going to explain to you what the payload looks like. 108 00:07:08,000 --> 00:07:09,140 OK, so we can copy. 109 00:07:09,300 --> 00:07:09,620 All right. 110 00:07:09,630 --> 00:07:14,660 So what we are doing is we are altering the table because we have first created the table, but now we need 111 00:07:14,660 --> 00:07:15,770 to add in a column. 112 00:07:16,310 --> 00:07:17,900 So we need to alter the table. 113 00:07:18,120 --> 00:07:18,500 All right. 114 00:07:18,830 --> 00:07:22,550 And then, of course, you specify the table name, in this case, employees. 115 00:07:23,030 --> 00:07:29,750 And then we put in add. OK, we add this particular column as well as a column data type varchar and 116 00:07:29,760 --> 00:07:34,790 then followed by the open bracket 20 and a close bracket followed by semicolon and instruction. 117 00:07:35,180 --> 00:07:37,580 So go ahead and click submit and immediately. 118 00:07:37,830 --> 00:07:44,940 OK, I can enter over here going click submit and we'll be able to add the information into the system. 119 00:07:44,960 --> 00:07:45,180 All right. 120 00:07:45,200 --> 00:07:50,960 So alter table employees add phone char or character. 121 00:08:10,390 --> 00:08:15,220 All right, so as you can see over here, like we said, the database quickly so that we can rectify 122 00:08:15,430 --> 00:08:18,560 what could have already been added into the database system. 123 00:08:18,610 --> 00:08:18,770 All right. 124 00:08:18,790 --> 00:08:22,740 So we have alter table employees add phone varchar 20. 125 00:08:22,780 --> 00:08:28,090 So that helped us able to add in this particular column into the table. 126 00:08:28,600 --> 00:08:28,980 All right. 127 00:08:29,170 --> 00:08:30,600 So we've now we're going to pass here. 
128 00:08:31,030 --> 00:08:31,390 All right. 129 00:08:31,390 --> 00:08:33,690 And we're going to Section two in subsequent videos. 130 00:08:33,850 --> 00:08:37,150 So once again, I hope you've learned something valuable in today's class. 131 00:08:37,300 --> 00:08:42,010 And if you like what you've just watched, like, share and subscribe to the channel so that you can be 132 00:08:42,010 --> 00:08:44,080 kept abreast of the latest cybersecurity. 133 00:08:44,620 --> 00:08:46,090 Thank you so much once again for watching.