Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

SQL Injection Detection Problem

Enes Sanal Dec 24, 2019 08:07AM UTC

Hello,
I comminicated with you before about this problem (15 - 20 November, email: enessanal@hotmail.com.tr or this email address). But I couldn't submit a sample case. But I've found an example.

Web for Pentester I is a machine that have vulnerable application on it. Also have sql injection vulnerabilty. On this machine, In Sql Injection Examples Section, 7th example; Burp's Scanner doesn't detect related vulnerability. You can try easily with download this machine (https://pentesterlab.com/exercises/web_for_pentester/course) and related app. But if you want to see evidence, I can send one via mail.

Thank you so much.


Michelle Gillian Jan 02, 2020 12:32PM UTC Support Center agent

To help us confirm the details of this could you send us an email with screenshots/the evidence you found to support@portswigger.net, please? This will be useful to make sure we are looking at the same steps as you.
Also, what version of Burp you are using?


Post Your public answer

Your name
Your email address
Answer