Lab 04
Lab 04
com/Instructions/ExamResult/8681a1d2-7662-47c4-81df-c54c7bc88dcd
13/13
Congratulations, you passed!
Duration: 38 minutes, 28 seconds
What user account name is not present in this SQLi result? Score: 1
admin
Hack
Morgan
Bob
Pablo
Gordon
Congratulations, you have answered the question correctly.
What is the first table name discovered from the DVWA database? Score: 1
users
What is the second table name discovered from the DVWA database? Score: 1
guestbook
Which of the following are column names from the users table of the dvwa database? Score: 1
(Select seven (7) column names)
user_id
avatar
failed_login
comment
first_name
last_login
last_name
name
password
USER
What is the HTTP referrer for this log record related to your first submission to the Score: 1
SQLi page of just the number '1'?
"GET /vulnerabilities/sqli/"
"GET /vulnerabilities/sqli/?id=7&Submit=Sumbit# HTTP/1.1"
"GET /vulnerabilities/xss_r/ HTTP/1.1"
"GET /vulnerabilities/sqli/?id=1&Submit=Sumbit# HTTP/1.1"
%3e
%3a
%27
%21
Congratulations, you have answered the question correctly.
Why is the octothorpe after the 'NULL' parameter used in this submitted SQLi Score: 1
statement?
end-of-line comment
carriage return and line feed
to append the command to the existing script statement
retrieve certain records from one or more tables.
octothorp
equals
backslash
asterisks
single quote
Congratulations, you have answered the question correctly.
INSERT
UNION
SELECT
https://labclient.labondemand.com/Instructions/ExamResult/8681a1d2-7662-47c4-81df-c54c7bc88dcd 2/3
11/14/24, 12:46 AM labclient.labondemand.com/Instructions/ExamResult/8681a1d2-7662-47c4-81df-c54c7bc88dcd
FROM
Congratulations, you have answered the question correctly.
Which of the following SQLi statements is used to return a result which includes the Score: 1
DBMS details?
What evidence in a website's log is most clearly IoC observables related to SQLi? Score: 1
percent-encoding
an HTTP referrer
ORDER BY, UNION, SELECT, UPDATE, INSERT, DELETE, or DROP
the HTTP response code of 200
Congratulations, you have answered the question correctly.
https://labclient.labondemand.com/Instructions/ExamResult/8681a1d2-7662-47c4-81df-c54c7bc88dcd 3/3