In this exercise, we will look at some more complicated examples of SQL injection.
✏️ Log out and log in using with the following username
' UNION ALL SELECT GROUP_CONCAT(sql) as id FROM sqlite_schema--✏️ Inspect the source of the voting page. Do you see anything questionable?
✏️ Look at the source code. Try to reason on how we are able to extract table schemas using SQL injection.
⭐ Bonus: Can you change the login query to execute some arbitrary SQL to steal information?
The developers of this solution has not followed any good practices, and has stored the passwords as clear text!
✏️ Try to use a similar technique as in the previous task to extract a users password.