JavaScript Analysis to SQL Injection
Hi Hackers, I’m Mostafa Elguerdawi.
It has been a long time since my last write-up. In this write-up I will explain how I found a SQL injection by analyzing JavaScript code.
Because it was a private program, I'll call it example.com.
First I started to understand the application's functions and its logic. It was easy to understand because it was an online store.
After some time I found that I could add products from the store to my bag to buy them. After that I visited my purchase bag and found a GET parameter called id.
I decided to try SQL injection on it, so I sent the request to Burp Suite with the endpoint: https://example.com/index.php?id=my-holiday-basket
After a lot of time without anything useful, I started to analyse this endpoint's JavaScript code and found a new parameter I hadn't found before.
So I started to play with this parameter.
I just added a single quote (') to the act parameter value and found that the response bytes changed.
After analysing the response I found a SQL error at the bottom of the response.
Finally I used SQLmap for the report.
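To show why a single quote in one parameter can change the response while another parameter on the same endpoint stays quiet, here is an added example (not code from the target application or from the original write-up) with a flawed handler next to a hardened one. It assumes the server bound `id` as a query parameter but concatenated `act` into the SQL text; the table, columns, function names and the action allowlist are hypothetical, and SQLite stands in for whatever database the real site used.

```python
import sqlite3

# Constructed sample data; table and column names are hypothetical.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE baskets (slug TEXT, action TEXT, body TEXT)")
    db.execute("INSERT INTO baskets VALUES ('my-holiday-basket', 'view', '2 items')")
    return db

def vulnerable_page(db, basket_id, act):
    # Assumed flaw: `id` is bound as a parameter, `act` is pasted into the SQL text.
    sql = "SELECT body FROM baskets WHERE slug = ? AND action = '" + act + "'"
    try:
        row = db.execute(sql, (basket_id,)).fetchone()
    except sqlite3.Error as exc:
        # Raw database error appended to the page: this is what changes the
        # response size and shows up at the bottom of the response.
        return "<html>basket</html>\nSQL error: " + str(exc)
    return "<html>" + (row[0] if row else "empty basket") + "</html>"

ALLOWED_ACTS = {"view", "checkout"}  # hypothetical allowlist of actions

def hardened_page(db, basket_id, act):
    # Reject unknown actions before touching the database.
    if act not in ALLOWED_ACTS:
        return "<html>empty basket</html>"
    try:
        row = db.execute(
            "SELECT body FROM baskets WHERE slug = ? AND action = ?",
            (basket_id, act),
        ).fetchone()
    except sqlite3.Error:
        # Log server-side in a real handler; never echo the error to the client.
        return "<html>empty basket</html>"
    return "<html>" + (row[0] if row else "empty basket") + "</html>"

if __name__ == "__main__":
    db = make_db()
    for act in ("view", "view'"):
        print(repr(act), "->", vulnerable_page(db, "my-holiday-basket", act))
        print(repr(act), "->", hardened_page(db, "my-holiday-basket", act))
```

Every parameter the client-side JavaScript sends needs the same binding and validation as the ones visible in the URL, and database errors belong in server logs rather than in the response body.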