Video: Broken Authentication and SQL Injection, OWASP Juice Shop (TryHackMe). Video No. 54 in the Web PenTesting course by the Motasem Hamdan Cyber Security & Tech channel.
In this video walkthrough, we cover broken authentication and SQL injection as part of OWASP Juice Shop from TryHackMe.
Receive Cyber Security Field Notes and Special Training Videos
https://www.youtube.com/channel/UCNSdU_1ehXtGclimTVckHmQ/join
OWASP Juice Shop TryHackMe
https://tryhackme.com/room/owaspjuiceshop
Blog Post
https://motasem-notes.net/tryhackme-owasp-juice-shop-the-complete-guide/
Store
https://buymeacoffee.com/notescatalog/extras
Patreon
https://www.patreon.com/motasemhamdan
Instagram
https://www.instagram.com/mastermindstudynotes/
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
LinkedIn
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Twitter
https://twitter.com/ManMotasem
Facebook
https://www.facebook.com/motasemhamdantty/
0:01 - Introduction to OWASP Juice Shop on TryHackMe
0:10 - Overview of Juice Shop Tasks and SQL Injection
0:33 - Task 1: SQL Injection to Login as Administrator
1:20 - Setting Up Burp Suite Intercept for SQL Injection Testing
2:05 - Demonstrating SQL Injection Bypass for Admin Access
4:05 - Logging into Admin Account and Copying the Flag
5:13 - Task 2: Logging into Vendor Account with SQL Injection
6:18 - Using Burp Suite for SQL Injection on Vendor Login
7:24 - Successfully Logging into Vendor Account
8:00 - Task 3: Brute-Forcing Admin Password with Intruder
8:42 - Setting Up Intruder Payloads for Password Brute-Force
10:07 - Identifying Successful Password from HTTP Response Code
10:23 - Task 4: Resetting Jim's Password via Security Question
10:39 - Attempting Password Reset by Answering Security Question
12:03 - Researching Security Question Answer Using Star Trek Reference
13:00 - Resetting Jim's Password and Retrieving Flag
13:20 - Summary of SQL Injection and Broken Authentication Vulnerabilities
13:36 - Next Steps: Further OWASP Juice Shop Tasks