Time
1 hour 49 minutes
Difficulty
Intermediate
CEU/CPE
2

Video Transcription

00:00
everyone welcome back to the course. So in the last video, we talked about where you can go find the assessment for this course. So again, if you have access to the cyber lab environment, you'll be doing the sequel injection lab by range Force as your assessment for the course. And if you don't have access to the cyber labs, you just wanna practice sequel injection attacks more in your own virtual environment.
00:21
So in this video, we're just gonna wrap up what we've discussed in the course so far. So in Module one, we talked about the basics of sequel injection, so we talked about sequel basics in general. So sequel databases. We then moved into sequel injection What that is We also talked about the different types of sequel injection attacks
00:37
and in module to we had our lab. So we started off by me showing you some areas where you can go get set up your virtual machine. So I talked about virtual box. I talked about Kelly Linens, also talked about medicine palatable and showed you were Thio. Grab those and then I showed you how to use medicine portable to best get your I p address to then put inside of Cali Lennox to access to me till today Tool.
00:58
And then we moved into our first lab of the course where I showed you some basic
01:03
manual sequel injection attacks. So again, we use me till today, which is a tool, and I use the cyber lab environment for lab one. But you're welcome. You're welcome to use your own environment for that particular lab. And what is practice against some different logging pages? First thing we try to do is log in as an admin without having a password. So we went ahead and did that. We were successful at that.
01:22
And then we also went ahead and try to get information from the database
01:26
with a sequel injection attack. And we noticed that we were able to get a bunch of different user accounts. Now, obviously, Mattila days a little easier than like attacking some corporation because it's designed to be vulnerable.
01:38
Then we moved into lab to where we do the sequel injection vulnerability. Skinner. I showed you had to install that. Ever run a scam with that again? I blocked out the information from my scant results so that way. There was no risk of you potentially attacking those. You are l's and again on your side. If you were running the tool, you were able to see that I want to stress with labs two or three again. If you If you for some reason you skipped over those
01:57
and you're at this video now I want to stress that. Make sure that's legal in your dear jury straight your excuse me jurisdiction
02:05
before you go running any labs in this court. So just make sure that you're covered from a legal standpoint before you go playing around with sequel injection attacks. I don't want you to getting yourself in a situation.
02:15
And then lab three, we moved into the sequel map. So again, I blocked out the girl I was using because I didn't have permission for students to use it. But you had issues. Whatever you are, l you actually have legal permission to use and run the attacks. All of those labs had step by step guides to measure you've down. You've downloaded those. If for some reason you haven't yet measure you download those. There's a lot more Resource is in the course
02:35
and I've also included additional Resource is in the
02:38
resource section that includes some videos from different teaching assistants and some other helpful documents as well that they've created. So I want to give them a quick shout out as well on the course. Further assistance on
02:50
Now. What are the next steps? Well, I recommend several courses on Cyber is kind of the next steps, if you like sequel injection. If you're interested in Web attacks, I definitely recommend the loss course. It's kind of a basic entry level type, of course, but it introduces you to all of the OAS top 10 I mentioned earlier on in this course that
03:06
sequel injection attacks were the most common type of injection, attack
03:10
and injection attacks in general, being number one on the Ola Stop let 10 list. So if you're curious about the other things on the old lost top tennis, a different recommend you take that course. Also take Web application penetration testing. That's a great course that covers a lot of Web attacks at a kind of broader level.
03:28
And then, of course, my ethical hacking course will teach you the basics of ethical hacking of all this stuff for a brand new, too,
03:32
to penetration, testing or ethical hacking. If this was all brand new to you and this guy, this course got you excited about it, then definitely take that course to get some good foundational knowledge. And then, of course, theat Vance pen testing course by Georgia Weidman is always a good one. Just keep in mind that some of the tools mentioned in there there's updated versions of those and some other tools and use.
03:51
So you may have to adapt some things in that particular course
03:53
for your newer needs to learn the best skills out there. But she covers a tone of information. That course, and it's really, really good is kind of the next step after my basic ethical hacking course.
04:04
So I just want to thank you again for taking this course. I hope you enjoyed it, and I will see in the next one

Up Next

SQL Injection

This course will cover a brief introduction to databases and SQL commands, basic information about Web applications, and basic information about SQL Injection attacks.

Instructed By

Instructor Profile Image
Ken Underhill
Master Instructor at Cybrary
Master Instructor