handbook/tools/3.Web-Hacking/4.Injection/SQL/Commands/SQL-Injection-Vectors/4 - AJAX.md


## AJAX SQL Injection

How do check if AJAx request are vulnerables

```Terminal
- Go in Inspector mode and intercept the request (network)
- Copy the request has has Curl and convert it into python
- Add the python code in a code editor (edit the cookies and value STRING --> Value)
- Add a IF statment ---> if response.status_code = 500
                                               print(response.text)
- Run the request and try to find some 500 erros (normaly mean a sql error)
```

Usefull video        ---> https://www.youtube.com/watch?v=IVHX9jDrI0o
Usefull tool           ---> https://curlconverter.com/

Cheat Sheet          ---> https://www.invicti.com/blog/web-security/sql-injection-cheat-sheet/
vault backup: 2024-08-31 01:07:21 2024-08-30 23:07:22 +00:00
			`## AJAX SQL Injection`

			`How do check if AJAx request are vulnerables`

			```Terminal
			`- Go in Inspector mode and intercept the request (network)`
			`- Copy the request has has Curl and convert it into python`
			`- Add the python code in a code editor (edit the cookies and value STRING --> Value)`
			`- Add a IF statment ---> if response.status_code = 500`
			`print(response.text)`
			`- Run the request and try to find some 500 erros (normaly mean a sql error)`
			```

			`Usefull video ---> https://www.youtube.com/watch?v=IVHX9jDrI0o`
			`Usefull tool ---> https://curlconverter.com/`

			`Cheat Sheet ---> https://www.invicti.com/blog/web-security/sql-injection-cheat-sheet/`