Scribd
Upload
3 views

Testing SQL injection vulnerability

Uploaded by

huahuinig
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
3 views

Testing SQL injection vulnerability

Uploaded by

huahuinig
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 7

AIVTIC FELLOWSHIP

Adamu Muhammad CFP/24/3089

Lab 1 Assignment.

Due Date October 4 2024.

Task 1: Information Gathering using WhatWeb and Dirb

Step 1: Power up the metasploitable and the kali virtual machines and login with the default
password on both. Use the ‘ifconfig command’ to get the ip address of the metasploitable
machine.

Webserver versions : Apache version 2.2.8

Httpserver: Ubuntu Linux DAV 20/2

Plugins:

Apache server

HTTP server

Php version5.2.4-2ubuntu5.10

Interesting findings:

Oudated technologies and plugins. This makes the ever vulnerable to cross site scripting, sql
injection, remote code execution and denial of service.
Task 2: SQL Injection on DVWA Login Form

Step 1: Testing at low security level.

Set the dvwa security level to low


2- click on sql injection and type a single quot “’” in the log in form. If it is vulnerable to sql
injection it will return an sql error.

Try to perform a basic SQL injection like fetching the users table concatenating the SQL
statement with an always true condition.
SELECT * FROM users where userid = 1’ OR ‘1 == 1’

The injected code has returned the list of users with id ‘1’, the admin users. The credentials
can be used to carry out further extraction on the database.

Mitigating SQL Injection

1- User input validation and escaping.


2- Using parameterized queries to separate SQL logic from data.
3- Limiting database privileges for application accounts.

Task 3: Automating SQL Injection with SQLMap

Step 1: Scan the target URL using the sqlmap -u command to check for the presence of SQLi
vulnerability. The cookie is retrieved from the developer option of the web browser.
The result shows there is sql injection vulnerability in the web application. Next the database
will be triggered to reveal the tables.
Unfortunately no tables were found for dvwa.

Comparing the sqlmap and the manual SQLi, I feel more comfortable with the manual
methodsnce I am pretty sure of theexistence of at least users table yet nothing was fetched/

Extraction of tables is complets

The result shows the sight might not be injectible, however there is an option to use –tamper .
Let’s try that and see the result

You might also like