Burp Suite User Forum

Login to post

About lab SQL injection attack, querying the database type and version on MySQL and Microsoft

Sneha | Last updated: Jun 10, 2021 01:46PM UTC

Whenever I insert SQL injection query in my browser it shows me internal server error in my browser but same SQL injection query when I send to server with the help of repeater it works and HTTP status code in burp suite is 200. Why browser is showing internal server error then ?

Ben, PortSwigger Agent | Last updated: Jun 10, 2021 02:03PM UTC

Hi, If you are entering the payload directly into the address bar of your browser then you need to consider whether a certain, special character needs to be encoded. Using Burp to deliver the payload circumvents this issue.

You need to Log in to post a reply. Or register here, for free.