Post Parameter SQL Injection With Live HTTP Header
Hello every in this session I will show you the post parameter sql injection with live Header so read carefully. For This Injection you will need an addon in firefox called Live Http Header
Be Patient while Reading 😉
index.php?detailrecid=4 or index.php?maincat_id=1&subcat_id=17
So Lets Go to page as shown below with music (red ellipse on picture bellow).
There are many songs and three buttons (links) for every song (red square on picture bellow).
we go with mouse over first button in red square (Licence) we get a hint in lower left corner of Firefox about URL we will visit if we will click on it.
Same is true if we go with mouse over third button (Demo)
BUT if we go with mouse over second button in red square on picture above (Download) we don’t get that hint any more. We don’t see URL to be visited if we would click on that button (as with other two buttons)
Why it happens ?
We all know HTTP protocol (by HTTP/1.1 specification) supports different request methods like: GET, POST, HEAD, OPTIONS, PUT, DELETE, TRACE and CONNECT. We are using most of the time GET and POST requests.
Ok, Now Start a Live Http Header and you will get a dialogue.
Make sure that capture button is checked and if there is some http header in so click con clear button we will start with empty state.
After clicking on button Download our Live HTTP Headers dialog is changed as it captured request sent to server. It will looks like
From the above picture we can see in first red square it was really POST request as we assumed. From second red square we can see what parameters were sent to server.
We couldn’t see them until we intercept them with Live HTTP Headers (or from web page HTML source code). BTW check box Capture (red ellipse on picture above) can be unchecked now as we don’t want to capture further request(s).
Let’s click on first line in Live HTTP Headers above POST section data (http://www.<our_site_in_challenge>.com/index.php) and then on button Replay in lower left corner of dialog (picture above).
we got a new dialogue
Look in POST Content section of dialog (red ellipse on picture above)*** There are parameters we can modify.
Now we can use our usual SQLi strategies to test vulnerability, find columns count.****** and prepare our command to inject. In ellipse (picture above) we can see. I already added [b]’ after recid parameter. When I click on button Replay (right lower corner of dialog) our modified command is sent to server and in Firefox we can follow result from it:[/b]
So recipe after we came to here is easy: modify command in red ellipse further to prepare your SQLi command. After modification just press button Replay again to send it to server. BTW site in this challenge can be injected with union select based or error based SQLi.
I think you enjoyed this Post Parameter SQL Injection tutorial. Keep practising and learning.