2 Lab SQL injection vulnerability allowing login bypass
- navigate to login page
- fire up Burp Suite
- open Burp
- open Burp browser
- Proxy tab
- Intercept tab
- turn intercept on
- Intercept tab
- enter a generic username and password
- allow Burp to intercept
- change the `username` parameter, giving it the value `administrator'--`
- click forward
- should be logged in as administrator