Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Soultion doesn't work in the lab.

jbcui | Last updated: Feb 20, 2020 12:48PM UTC

Hi, you have a wonderful lab, but i had a problem with passing Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft I tried to get her two days, nothing came out and I looked at the solution, but your decision was exactly the same that I tried to introduce more than once. After the sign " ' ", the server answers me with an error. Thank you if you look at this lab.

Ben, PortSwigger Agent | Last updated: Feb 20, 2020 03:31PM UTC

Hi, Can you provide us with the exact steps that you are using to try and solve the lab?

jbcui | Last updated: Feb 20, 2020 04:44PM UTC

1. Use Burp Suite to intercept and modify the request that sets the product category filter. 2. Determine the number of columns that are being returned by the query and which columns contain text data. 3. Verify that the query is returning two columns, both of which contain text, using a payload like the following in the category parameter: '+UNION+SELECT+'abc','def'# 4. Use the following payload to display the database version: '+UNION+SELECT+@@version,+NULL# When I tried check second step using payload '+UNION+SELECT+NULL,+NULL#, i was getting "Internal Server Error" If I use last step to solve this lab I had the same problem

Hannah, PortSwigger Agent | Last updated: Feb 21, 2020 09:39AM UTC