SQL INJECTION

WHAT IS SQL?

  • Most websites use a database to store data.
  • Most data stored in it(usernames, passwords ..etc.)
  • Web application reads, updates and inserts data in the database.
  • Interaction with DB done using SQL.

WHY ARE THEY SO DANGEROUS

1. They are everywhere.

2. Give access to the database –> sensitive data.

3. Can be used to read local files outside www root.

4. Can be used to log in as admin and further exploit the system.

5. Can be used to upload files.

DISCOVERING SQLi in POST

  • Try to break the page.
  • Using ‘and’, ‘order by’ or  “’”.
  • Testing text boxes and URL parameters on the form.

http://target.com/page.php?something=something

Pre-Configure about Metasplitable2:

Following is a very useful error message.

So let’s modify the input on password box. We can login with a wrong password now.

Bypassing Authentication.

Ethical Hacking - Web Penetration Testing(8)的更多相关文章

  1. Ethical Hacking - Web Penetration Testing(13)

    OWASP ZAP(ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to ...

  2. Ethical Hacking - Web Penetration Testing(10)

    SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...

  3. Ethical Hacking - Web Penetration Testing(6)

    REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ...

  4. Ethical Hacking - Web Penetration Testing(1)

    How to hack a website? An application installed on a computer. ->web application pen-testing A co ...

  5. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  6. Python Ethical Hacking - WEB PENETRATION TESTING(2)

     CRAWING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories ...

  7. Ethical Hacking - Web Penetration Testing(12)

    XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject javascript code into the page ...

  8. Ethical Hacking - Web Penetration Testing(11)

    SQL INJECTION Preventing SQLi Filters can be bypassed. Use a blacklist of commands? Still can be byp ...

  9. Ethical Hacking - Web Penetration Testing(9)

    SQL INJECTION Discovering SQLi in GET Inject by browser URL. Selecting Data From Database Change the ...

随机推荐

  1. Win10 1903小白搭建Redis

    一.Redis介绍 Please Baidu. 二.安装 1)下载: 下载网址 https://github.com/microsoftarchive/redis/releases 选这个 2)安装 ...

  2. c#openCV图片传递-尝试读取或写入受保护的内存。这通常指示其他内存已损坏。解决方法

    未处理AccessViolationException 这通常指示其他内存已损坏,这里内存损坏并非物理的内存条损坏.猜想是执行到此步骤后,内存空间被清理了,没有找到内存地址的感觉. public st ...

  3. redis过期键的策略

    一.过期时间设置: 127.0.0.1:6379> expire key seconds //设置键的过期时间为多少秒 127.0.0.1:6379> setex key seconds ...

  4. Centos安装redis详解

    redis官方网站对redis的安装已有介绍,但没有redis环境的安装,redis自动启动服务安装等等: redis官网:https://redis.io 本文以centos6为基础安装redis ...

  5. 关于HTTP 请求方式: GET和POST的比较的本质

    什么是HTTP? 超文本传输协议(HyperText Transfer Protocol -- HTTP)是一个设计来使客户端和服务器顺利进行通讯的协议. HTTP在客户端和服务器之间以request ...

  6. Charles的介绍,配置与使用

    简介 Charles中文名叫青花瓷 它是一款基于HTTP协议的代理服务器 通过成为客户端或者浏览器的代理 然后截取请求和请求结果达到分析抓包的目的. 特点 跨平台 win linux mac 半免费 ...

  7. SpringCloud 入门(三)

    前文我们介绍了简单的创建一个客户端,并介绍了它是如何提供服务的,接下来介绍它的另外一个组件:zuul. zuul 提供了微服务的网关功能,通过它提供的接口,可以转发不同的服务,可以当作一个中转站. 搭 ...

  8. JavaWeb网上图书商城完整项目--day02-8.提交注册表单功能之dao、service实现

    1.发送邮件 发送邮件的时候的参数我们都写在了配置文件中,配置文件放在src目录下,可以使用类加载器进行加载该数据 //向注册的用户发送邮件 //1读取配置文件 Properties properti ...

  9. xutils工具上传日志文件--使用https并且带进度条显示

    package logback.ecmapplication.cetcs.com.myapplication; import android.app.Activity; import android. ...

  10. Python实用笔记——错误处理

    让我们用一个例子来看看try的机制: try: print('try...') r = 10 / 0 print('result:', r) except ZeroDivisionError as e ...