SQL INJECTION

WHAT IS SQL?

  • Most websites use a database to store data.
  • Most data stored in it(usernames, passwords ..etc.)
  • Web application reads, updates and inserts data in the database.
  • Interaction with DB done using SQL.

WHY ARE THEY SO DANGEROUS

1. They are everywhere.

2. Give access to the database –> sensitive data.

3. Can be used to read local files outside www root.

4. Can be used to log in as admin and further exploit the system.

5. Can be used to upload files.

DISCOVERING SQLi in POST

  • Try to break the page.
  • Using ‘and’, ‘order by’ or  “’”.
  • Testing text boxes and URL parameters on the form.

http://target.com/page.php?something=something

Pre-Configure about Metasplitable2:

Following is a very useful error message.

So let’s modify the input on password box. We can login with a wrong password now.

Bypassing Authentication.

Ethical Hacking - Web Penetration Testing(8)的更多相关文章

  1. Ethical Hacking - Web Penetration Testing(13)

    OWASP ZAP(ZED ATTACK PROXY) Automatically find vulnerabilities in web applications. Free and easy to ...

  2. Ethical Hacking - Web Penetration Testing(10)

    SQL INJECTION SQLMAP Tool designed to exploit SQL injections. Works with many DB types, MySQL, MSSQL ...

  3. Ethical Hacking - Web Penetration Testing(6)

    REMOTE FILE INCLUSION Similar to local file inclusion. But allows an attacker to read ANY file from ...

  4. Ethical Hacking - Web Penetration Testing(1)

    How to hack a website? An application installed on a computer. ->web application pen-testing A co ...

  5. Python Ethical Hacking - WEB PENETRATION TESTING(1)

    WHAT IS A WEBSITE Computer with OS and some servers. Apache, MySQL ...etc. Cotains web application. ...

  6. Python Ethical Hacking - WEB PENETRATION TESTING(2)

     CRAWING DIRECTORIES Directories/folders inside the web root. Can contain files or other directories ...

  7. Ethical Hacking - Web Penetration Testing(12)

    XSS VULNS XSS - CROSS SITE SCRIPTING VULNS Allow an attacker to inject javascript code into the page ...

  8. Ethical Hacking - Web Penetration Testing(11)

    SQL INJECTION Preventing SQLi Filters can be bypassed. Use a blacklist of commands? Still can be byp ...

  9. Ethical Hacking - Web Penetration Testing(9)

    SQL INJECTION Discovering SQLi in GET Inject by browser URL. Selecting Data From Database Change the ...

随机推荐

  1. 基于flask框架的高校舆情分析系统

    系统分析: 高校舆情分析拟实现如下功能,采集微博.贴吧.学校官网的舆情信息,对这些舆情进行数据分析.情感分析,提取关键词,生成词云分析,情感分析图,实时监测舆情动态. 系统设计: 前端:采用layui ...

  2. excel如何快速汇总多个类别的总和?

    这个需求是一位在当前抗疫一线的朋友提出的,和各位分享一下. 需求情况 因为众所周知的原因,他每天都需要为照顾的小区居民购买.运送生活物资.小区居民通过表单的形式提交自己每日的需求,最终汇总到一张exc ...

  3. ECSHOP 2.5.1 二次开发文档【文件结构说明和数据库表分析】

    ecshop文件架构说明 /* ECShop 2.5.1 的结构图及各文件相应功能介绍 ECShop2.5.1_Beta upload 的目录 ┣ activity.php 活动列表 ┣ affich ...

  4. SQL注入之Boolean型盲注

    什么是Boolean型注入 Boolean型的注入意思就是页面返回的结果是Boolean型的,通过构造SQL判断语句,查看页面的返回结果是否报错,页面返回是否正常等来判断哪些SQL判断条件时成立的,通 ...

  5. python根据列表创建文件夹,拷贝指定文件

    内容涉及:关键字定位,列表去重复,路径组装,文件夹创建,文件拷贝,字符串分割 list.txt的内容为包含关键字的文件路径,如:关键字 ’181‘ org/20190523/1/20190523201 ...

  6. 函数进化到Lambda表达式的三过程

    假如我们想要从一个整型数组中取出其中是奇数的选项,其实现方式有很多, 接下来通过三种方法的对比理解Lambda表达式的用途,需要了解的朋友可以参考下         //声明委托类型 public d ...

  7. Glusterfs读写性能测试与分析

    一.测试目的: 1.测试分布卷(Distributed).分布式复制卷(Distributed-Replicate).条带卷(Strip)和分布式条带复制卷(Distributed-Strip-Rep ...

  8. CentOS 7安装Oracle 12c图文详解

    环境: CentOS7@VMware12,分配资源:CPU:2颗,内存:4GB,硬盘空间:30GB Oracle 12C企业版64位 下载地址:http://www.oracle.com/techne ...

  9. Java 从入门到进阶之路(二十九)

    在之前的文章我们已经可以对本地对文件和目录进行新建和删除等操作,接下来我们来对文件内对具体内容进行操作. 如下代码,我们实现了一个基本的文件写入: /** * java.io.RandomAccess ...

  10. java实现在一个字符串中查找某个子字符串出现的次数

    public static void main(String[] args) { String a = "我爱我的祖国!!!"; String b = "爱"; ...