Scribd
Upload
36 views4 pages

AIM: Learn To Use Manuel SQL Injection Using DVWA. Solution:S

This document provides instructions for performing SQL injection on a vulnerable web application. It explains how to exploit vulnerabilities in the application's SQL queries by entering special characters and strings into input fields. This allows retrieving all data from a table without a matching user ID, and discovering the database version number by appending a UNION query. The goal is to learn how SQL injection works by experimenting with these techniques on a non-production system.

Uploaded by

Mehul
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
36 views4 pages

AIM: Learn To Use Manuel SQL Injection Using DVWA. Solution:S

This document provides instructions for performing SQL injection on a vulnerable web application. It explains how to exploit vulnerabilities in the application's SQL queries by entering special characters and strings into input fields. This allows retrieving all data from a table without a matching user ID, and discovering the database version number by appending a UNION query. The goal is to learn how SQL injection works by experimenting with these techniques on a non-production system.

Uploaded by

Mehul
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

130470105017 PRACTICAL N

AIM: Learn to use Manuel SQL injection using DVWA.

SOLUTION:S
SQL Injection Menu

Instructions:
Select "SQL Injection" from the left navigation menu.

Basic Injection

Instructions:
Input "1" into the text box.
Click Submit.
Note, webpage/code is supposed to print ID, First name, and Surname to the
screen.
Notes(FYI):
Below is the PHP select statement that we will be exploiting, specifically $id.
$getid = "SELECT first_name, last_name FROM users WHERE user_id = '$id'";
130470105017 PRACTICAL N

Always True Scenario

Instructions:
Input the below text into the User ID Textbox (See Picture).
%' or '0'='0
Click Submit
Notes(FYI):
In this scenario, we are saying display all record that are false and all records that are
true.
%' - Will probably not be equal to anything, and will be false.
'0'='0' - Is equal to true, because 0 will always equal 0.
Database Statement
mysql> SELECT first_name, last_name FROM users WHERE user_id = '%' or '0'='0';
130470105017 PRACTICAL N

Display Database Version

Instructions:
Input the below text into the User ID Textbox (See Picture).
%' or 0=0 union select null, version() #
Click Submit
Notes(FYI):
Notice in the last displayed line, 5.1.60 is displayed in the surname.
This is the version of the mysql database.
130470105017 PRACTICAL N

You might also like