🧪 Lab: SQL Injection via Tracking Cookie

🔍 Lab Description:

This lab contains a SQL injection vulnerability.

The application uses a tracking cookie for analytics and performs a SQL query using the cookie value.

⚠️ The SQL query results are not returned directly, but the server might leak information through error messages (e.g., type conversion or syntax errors).

📂 The database contains a table called users with the following columns:

• username
• password

🌟 Objective:

🕵️‍♂️ Find and leak the password of the administrator user, then log in using their credentials.

🧠 Analysis:

🔎 The vulnerable parameter is:

TrackingId

💡 There is no direct response from the server reflecting the results of our injection, but:

• The HTML response shows error messages if a syntax error or type conversion error occurs.
• We can leverage this behavior to extract data via error-based SQL injection.

🧪 Exploitation Plan: