SQLi - SQL injection
SQL databases are used to store username, passwords and other data -poor user input sanitization can lead to SQLi -authenticate as admin with pw of ‘or 1=1— - SELECT * FROM users WHERE username = admin AND password := ’ or 1=1 — -
authenticate with user: ‘or 1=1— - pass: ‘or 1=1— -
SQLMap use burpesuite-capture the request for the serach
ssh agent47 videogamer124