🧪 Objective
The objective of this experiment is to gain hands-on understanding of SQL injection (SQLi) by simulating a login bypass using a crafted SQL payload. This activity was conducted in a safe, controlled, and educational lab environment, following ethical practices and using PortSwigger’s interactive training platform. The goal is to comprehend how attackers exploit input fields to manipulate backend SQL queries and gain unauthorized access to systems.
⚙️ Steps Performed
Accessed the SQL Injection Lab
Visited PortSwigger’s Web Security Academy and selected a beginner-level lab focused on SQL injection vulnerabilities in login forms. This environment is specifically built for learning purposes and ensures no real-world systems are harmed.
Located a Vulnerable Login Page
Navigated to a simulated website with a login interface vulnerable to SQL injection. The form allowed both username and password inputs.
Injected SQL Payload
In the username field, entered the classic SQL injection payload:
' OR '1'='1
This payload exploits the logic of the SQL query by always returning true ('1'='1'), effectively bypassing authentication checks.
In the password field, either left it blank or entered any arbitrary value, as the SQL condition bypassed the need for a valid password.
Submitted the Form
Clicked on the "Log In" button. The backend SQL query was manipulated to authenticate the user without verifying proper credentials.
The payload ' OR '1'='1 alters the backend SQL query to always return TRUE, tricking the application into logging in without valid credentials.
This highlights improper input sanitization, one of the OWASP Top 10 vulnerabilities.
The lab shows how attackers exploit weak input handling to gain unauthorized access.
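The login check described above, rebuilt against an in-memory SQLite table next to the same check using bound parameters. This is an added example, not code from the lab or from PortSwigger. The table, the sample accounts and the shape of the backend query are assumptions, because the write-up does not show the lab's actual query.

```python
import sqlite3

PAYLOAD = "' OR '1'='1"  # the username value entered in the write-up


def make_db():
    """In-memory stand-in for the lab's user table (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    # A real application stores a salted, slow password hash, not the password.
    db.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "alice-pass-constructed"), ("bob", "bob-pass-constructed")],
    )
    return db


def login_vulnerable(db, username, password):
    """String concatenation: user input becomes part of the SQL syntax."""
    # Assumed query shape. With the payload the WHERE clause reads
    #   password = '...' AND username = '' OR '1'='1'
    # AND binds tighter than OR, so the trailing '1'='1' makes every row match.
    sql = ("SELECT username FROM users WHERE password = '" + password
           + "' AND username = '" + username + "'")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error:
        return None  # input broke the statement, e.g. a lone apostrophe
    return row[0] if row else None


def login_parameterized(db, username, password):
    """Bound parameters: input is only ever compared as data, never parsed."""
    row = db.execute(
        "SELECT username FROM users WHERE password = ? AND username = ?",
        (password, username),
    ).fetchone()
    return row[0] if row else None


if __name__ == "__main__":
    db = make_db()
    for name, fn in (("vulnerable", login_vulnerable),
                     ("parameterized", login_parameterized)):
        print(name, "payload ->", fn(db, PAYLOAD, "anything"))
        print(name, "valid   ->", fn(db, "bob", "bob-pass-constructed"))
        print(name, "o'brien ->", fn(db, "o'brien", "x"))
```

The parameterized version needs no escaping or filtering of the input. A username containing an apostrophe is handled as an ordinary value, while the concatenated version fails on it.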