i have my challenge exam coming up soon.
i have ran out of lab time.
to pass the challenge i feel i may need some more experience in sql injection and creation of exploits.
could anyone advise me where i can find a few tutorials for the creation of exploits.
i would like the tutorial to be with current or easy to find software that is freeware/shareware.
i say this as the example in the oscp used software that is superseded and also not freeware/shareware.
the main parts of the sql injection i would like to practice is command injection and gaining shell.
also could someone please tell me how i could practice sql injection.
my guess is i would have to create the database that allowed sql injection to be preformed on.
and then practice on that.