@@LoiLiangYang Thank you very much, I also sent you a message on udemy, I'm watching videos on payload on Android but I had problems in practice I write to you thanks again, and I must say you teach well good ☺️
Additionally, you look for vulnerabilities in the input fields by throwing in payloads to get error. This is important because once you discover the vulnerability, the advanced segment of using UNION to pull out more data comes in to play.
I can’t express how underrated your channel is considering how amazing & valuable content you are providing. Keep it up man, major hats off to you! Lots of love from India 🇮🇳
Lot of Respect to your Work Sir. Like a consistent student who regularly watches your video but I have a query from where u get sql payload can u make a video on that how to find or check payload available
Really well explained! What I would like to have are more realistic attacks. I mean are there actually still up to date webapps with that kind of vulnerabilities? What would a SQL injection look like in realistic scenario? Still a great video :)
@@roniwinchester8351 ??? What are you even talking about. That's what this channel is all about. He's already showing how to hack. If the title says advanced I dont want to see most basic stuff.
Mr Loi, you used the SQL injection attack with a completely different method. I thought you would run code like or '1=1# or or 8888=8888--. Then you will find the tables and columns on the site. I thought you would capture it. I can use sqlmap, but I cannot do it manually. Because I didn't fully understand how to do it.
Hello, some cyber security expert told me that real site is not actually attacked in this way. Do you think this is true? Should I try your suggested method if I want to attack any site? Please reply. I want to ask one more thing. What is a sql map? What is the difference between sql map and this specified method? How can we do this?
Let me confess that you're the best Loo Liang.... I want to make just one request.... make a video that would cover how to locate a phone number currently working and combined with one which is not currently working thanks
If I may know, does cyber security pay well? Average per year? And which one makes more money, cyber sec or game development company? I'm interested in both fields but I don't know which one to choose....
and how did you discovered those were valid fields on the user table? ..how did you discovered the table name? how did you discovered the type of database ? ... if this is an advance tutorial you should explain how did you came up with the payloads , not just to do a copy paste
Man your first union select query, was it fluke or actually there were 9 columns in users table? Also can you explain why you used /**/? Finally all the columns except the last one in the users table were string type?
Very educational. Thank you for create this Chanel. but honestly, I'm still not very good at understanding English so please help me to provide Indonesian subtitle. i'm from Indonesian btw.🙏🙏🙏🙏🙏
Is this advanced? Can you make an even more advanced one where you talk about information_schema etc and find the tables manually without being given the stuff like in this video, or bomb shells or writing or reading mitigation
This depends on the database right? I mean would the query be the same if the website was using a different database and if not then how would you know what query to use? do you just have to keep trying ?
Iam student from India. There are no major degree in cybersecurity , where I live. Can I take Information technology or Computer Science degree to get started in cybersecurity field?? Can you give me a suggestion to get started in the field. I was more passionate about it...
Great video. Could you please tell me how to test SQLi for below API call? This endpoint support GET, POST and DELETE method also. GET /api/v1/user/profile/123. If there is any article or video on finding SQLi, XSS, CSRF on API's, please share
Hi, I bought the course, can I write to you privately for any questions? thanks you are the best
Yes. Feel free to post your questions in Udemy and our team will get right back to you! If you're a TH-cam member of this channel, likewise too!
@@LoiLiangYang Thank you very much, I also sent you a message on udemy, I'm watching videos on payload on Android but I had problems in practice I write to you thanks again, and I must say you teach well good ☺️
how do i port forward for with smartphone connection
How can I become a youtube member ?
@@LoiLiangYang could you please make a video for hacking database using sql injection . All techniques possible
Loi is the best security instructor on TH-cam .
Thanks from 🇨🇵
Additionally, you look for vulnerabilities in the input fields by throwing in payloads to get error. This is important because once you discover the vulnerability, the advanced segment of using UNION to pull out more data comes in to play.
Plz do SQL injection video of Login Page having Captcha. All videos on internet shows only on Login page having Username and Password
I can’t express how underrated your channel is considering how amazing & valuable content you are providing. Keep it up man, major hats off to you! Lots of love from India 🇮🇳
Even me
Your voice is so soothing and smooth. Handsome, smart, effective.
You are a life changer for me. I always wanted to do ethical hacking. And now i work on a univeruity
Love ❤️ from India 🇮🇳
🇮🇳
Love ❤️ from Turkey 🇹🇷
1st & 2nd cmt from BD but pinned cmt fro. in. Really this is heart Broken think.😔🙄😒🤔
@@secretmystery8305 don't worry bro.... Good luck for next time....
@@X-secular Thank You So Much. :)
Thanks my teacher, i have hijack a website using your way. And now i have 1000% full access -
make a video about SQL injection filter bypassing
I just can't wait for other videos, much love from Kenya
Underrated channel
this is great man, exactly same as what i leran from school
In pandemic time ur spending ur precious time to teach 4r us sir,by cing ur cls.. in udemy we have learnt Sir tq sir.
Love From Bangladesh :)
hey u are a osm osm hacker wow i am fast time see your channel from india and u grow more
Your good brother,your tutorials are understandable
Love from INDIA ❤️
Good channels are mostly under rated... Very useful content.... yesterday i was looking for this... 🖤🖤🖤
you are The best by the way i am You Fan i saw every videos
But what about the Salt into Hashing.. Almost everyone does it now... A salted hash can't be reversed.
Loi I learn more from you in a 5 minute video rather than someone else’s 15 min video
Lot of Respect to your Work Sir.
Like a consistent student who regularly watches your video but I have a query from where u get sql payload can u make a video on that how to find or check payload available
Really well explained! What I would like to have are more realistic attacks. I mean are there actually still up to date webapps with that kind of vulnerabilities? What would a SQL injection look like in realistic scenario? Still a great video :)
understanding means "Etichal Hacking" they never attack other people in real life. it's all about demonstrated
@@roniwinchester8351 yes but the video title is "Advanced SQL Injection Tutorial". What he showed is the least level of diffidulty possible
@@Zero5309 then learn in google, you can't force anyone to teach you how to hack in real world.
@@roniwinchester8351 ??? What are you even talking about. That's what this channel is all about. He's already showing how to hack. If the title says advanced I dont want to see most basic stuff.
If you want to see real SQL xss attacks check for bug bounty videos. Or videos of how the winners of a bug bounty won the bounty.
wow, wonderful, we want more tutorials. thank you so much for sharing this valuable hacking method. take love from Bangladesh
Mr Loi, you used the SQL injection attack with a completely different method. I thought you would run code like or '1=1# or or 8888=8888--. Then you will find the tables and columns on the site. I thought you would capture it.
I can use sqlmap, but I cannot do it manually. Because I didn't fully understand how to do it.
Thanks mr loi for teaching me
Thank you sir ❤️ love from india ❤️❤️
Love ❤️ from India 🇮🇳
Can i get a heart ??
Hello, some cyber security expert told me that real site is not actually attacked in this way. Do you think this is true? Should I try your suggested method if I want to attack any site? Please reply. I want to ask one more thing. What is a sql map? What is the difference between sql map and this specified method? How can we do this?
Love from Bangladesh 🇧🇩❤️😊
hacker from bd i see
@@mukto2004 🇹🇷🇧🇩🇩🇿🇮🇳🇵🇰🇨🇳🇷🇺🇺🇲🇬🇧 Most of the hackers are from these countries.
@@b07x pak ? How ?
You are great teacher sir I have learned many things from you Much love and support to you❤❤💯
Let me confess that you're the best Loo Liang.... I want to make just one request.... make a video that would cover how to locate a phone number currently working and combined with one which is not currently working thanks
If I may know, does cyber security pay well? Average per year? And which one makes more money, cyber sec or game development company? I'm interested in both fields but I don't know which one to choose....
I'd say cyber security but with game development it varies on your position as with cyber security
Please I need a video on how to access friends contact list by Link. Or by generating a payload.
Thanks
Such amazing Hacker ❤️
Thanks been waiting for this..❤️
Thank you sir for making this video 🇮🇳🇮🇳🇮🇳🇮🇳🇮🇳
Thnq my teacher, you're the best of the best
Great content😎😎😎 Sir keep it up 👍
Love from Bangladesh 🇧🇩
Nice. look 1st 2 cmt from bangladesh. I think all Bangli Love Hawking Like Me :)
@@secretmystery8305 I am also come from Bangladesh 🙂..
@@rafin5651 nice :)
@@secretmystery8305 yeah ...😁
@@rafin5651 lets hack uuuuuu 😀😅
Love from indonesian 🇮🇩 :)
Love 💞 from Nepal 🇳🇵
What do you think /**/ is for?
Commenting things out..
and how did you discovered those were valid fields on the user table? ..how did you discovered the table name? how did you discovered the type of database ? ... if this is an advance tutorial you should explain how did you came up with the payloads , not just to do a copy paste
KEEP GOING MY FRIEND 😎👍
This guy teach so good !!!
Man your first union select query, was it fluke or actually there were 9 columns in users table? Also can you explain why you used /**/?
Finally all the columns except the last one in the users table were string type?
Dude my freind u are a legend
How would you know the exact name of a table and it's columns?
Love from sri lanka 🇱🇰🇱🇰🇱🇰
By the way how did you run samsung android framework on windows in previous videos
make a video on API
I just understood why my moms movies site account, one year ago got hacked😂 SQL Injection is way too powerfull :)
My response can be regarded as just as shot in the dark bro as I am still a no-eye deer, hahaha.
woooooh amazinf simple tutorial
Wow i was inpressed SQL Injection should not be as difficult its all on what happens on the server.
Thanks alot mr.sir
wtf is mr.sir
Mr.sir means mr.teacher
Very educational. Thank you for create this Chanel. but honestly, I'm still not very good at understanding English so please help me to provide Indonesian subtitle. i'm from Indonesian btw.🙏🙏🙏🙏🙏
You're great sir !
Keep upload more videos related to sql
In the payload does I can Write just
SELECT * FROM users ??
Is this advanced? Can you make an even more advanced one where you talk about information_schema etc and find the tables manually without being given the stuff like in this video, or bomb shells or writing or reading mitigation
How can monitor mobile traffic using wireshark
This depends on the database right? I mean would the query be the same if the website was using a different database and if not then how would you know what query to use? do you just have to keep trying ?
Check the whatweb data of the website. It will show in the result which database language has been used.
@@bakedtomatohh807 thank u
Love that 9:07
Bro can u plz tell how many langauge we have to know to become network pentester ?
Bro where i can learn ethical hacking from basics to advance
I think for hashing MD5 algorithm is not the industry standard.
Nice video 👍👍👍
Please make a video on sql injection shell upload using sqlmap.
your program languague to write this lab ? PHP and MYSQL
how to use this teqnique when there is no searchbar and there is only login and password fill forms?
frist like i love you fram syria 🇸🇾
thank you very much
you profstional strong
Master of masters!
Bro wr are u from
so this is union based sql injection sir ?
wordpress hacking tutorial plzzz
Iam student from India.
There are no major degree in cybersecurity , where I live.
Can I take Information technology or Computer Science degree to get started in cybersecurity field??
Can you give me a suggestion to get started in the field.
I was more passionate about it...
you are ther boss. thx
sir pls make sqlmap videos 🙏🏻 thanku
how can i come up with that union select, kinda weird
good tutorial
Great video. Could you please tell me how to test SQLi for below API call? This endpoint support GET, POST and DELETE method also.
GET /api/v1/user/profile/123.
If there is any article or video on finding SQLi, XSS, CSRF on API's, please share
Check for improper access control, You might find some juice
if it doesnt work on a website then other sql payloads wont work as well?
if i don t have this rest/products ?
Quantitys
Awesome 🔥🔥🔥🔥🔥
Can you do a Lesson on Beef / Ngrok / Portforwarding on WAN. Just dont get it working..
Next: advance server side request forgery
Loi how i can get owasp juice shop on my kali ? Am i need to download ova or iso image with running juice shop ?
Does this work on TEST websites or for real ones? I know few shitty websites and would love to hack it, ?
But all this attack doesn’t work on live website, why???
Thanks you
Thanks
Open The door,FBI
what to do if domain is Locked?
Great thanks!
Awesome video!
Glad you enjoyed it
Thank u 😍
you are amazing