performing-second-order-sql-injection

# Performing Second-Order SQL Injection ## When to Use - When first-order SQL injection testing reveals proper input sanitization at storage time - During penetration testing of applications with user-generated content stored in databases - When testing multi-step workflows where stored data feeds subsequent database queries - During assessment of admin panels that display or process user-submitted data - When evaluating stored procedure execution paths that use previously stored data ## Prerequisites - Burp Suite Professional for request tracking across application flows - SQLMap with second-order injection support (--second-url flag) - Understanding of SQL injection fundamentals and blind extraction techniques - Two or more application functions (one for storing data, another for triggering execution) - Database error message monitoring or blind technique knowledge - Multiple user accounts for testing stored data across different contexts ## Workflow ### Step 1 — Identify Storage and Trigger Points ```bash # Map the application to identify: # 1. STORAGE POINTS: Where user input is saved to database # - User registration (username, email, address) # - Profile update forms # - Comment/review submission # - File upload metadata # - Order/booking details # 2. TRIGGER POINTS: Where stored data is used in queries # - Admin panels displaying user data # - Report generation # - Search functionality using stored preferences # - Password reset using st...