[Day 10] SQL injection Inject the Halls with EXEC Queries
Manually navigate the defaced website to find the vulnerable search form. What is the first webpage you come across that contains the gift-finding feature? Analyze the SQL error message that is returned. What ODBC Driver is being used in the back end of the website? Inject the 1=1 condition into the Gift Search form. What is the last result returned in the database?