This course details the exploitation of SQL injection in a PHP based website and how an attacker can use it to gain access to the administration pages. Then, using this access, the attacker will be able to gain code execution on the server. The attack is divided into 3 steps:
- Fingerprinting: to gather information on the web application and technologies in use.
- Detection and exploitation of SQL injection: in this part, you will learn how SQL injections work and how to exploit them in order to retrieve information.
- Access to the administration pages and code execution: the last step in which you will access the operating system and run commands.