Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Academy, SQL-Injection, Microsoft Version request

Volker | Last updated: May 20, 2021 10:34PM UTC

Hi, I am injecting - according to the solution and to the video - the following string into the database: https://ac1e1f9b1f4ba0a980e0fc0a0029005b.web-security-academy.net/filter?category=Gifts'+UNION+SELECT+'a','a'# And it throws an error. Why? Best Volker

Michelle, PortSwigger Agent | Last updated: May 21, 2021 02:13PM UTC

Hi Volker So we can help, can I double-check the name of the lab you're currently working on, please? Is it 'SQL injection attack, querying the database type and version on MySQL and Microsoft'?

Volker | Last updated: May 25, 2021 05:03AM UTC

Yes, you are right. That is the actual lab I am talking about.

Ben, PortSwigger Agent | Last updated: May 25, 2021 10:12AM UTC

Hi Volker, Are you entering your payload directly into the address bar of your browser or using Burp? If you are entering this directly (rather than using Burp as the solution suggests) then you need to consider whether a certain, special character needs to be encoded.

Volker | Last updated: May 27, 2021 04:46AM UTC