SQL INJECTION

WHAT IS SQL?

  • Most websites use a database to store data.
  • Most data is stored in it (usernames, passwords, etc.).
  • The web application reads, updates and inserts data in the database.
  • Interaction with the DB is done using SQL.

WHY ARE THEY SO DANGEROUS

1. They are everywhere.

2. Give access to the database -> sensitive data.

3. Can be used to read local files outside www root.

4. Can be used to log in as admin and further exploit the system.

5. Can be used to upload files.

DISCOVERING SQLi in POST

  • Try to break the page.
  • Using 'and', 'order by' or "'".
  • Testing text boxes and URL parameters on the form.

http://target.com/page.php?something=something

Pre-configuration on Metasploitable2:

Following is a very useful error message.

So let's modify the input in the password box. We can log in with a wrong password now.

Bypassing Authentication.
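
Why a single quote in the password box breaks the page, and what the fix looks like: the login check below is an added example, not code from the course or from Metasploitable2. The table, column and function names and the sample rows are assumptions constructed for the demonstration.

```python
import sqlite3

def make_db():
    # Constructed sample data. Plaintext passwords keep the example short;
    # a real table stores salted password hashes.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "s3cret"), ("obrien", "it's-long")])
    return db

def login_vulnerable(db, username, password):
    # Form input is concatenated into the statement, so a quote typed into
    # the password box is parsed as SQL syntax instead of as data.
    sql = ("SELECT username FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    try:
        return db.execute(sql).fetchone() is not None, None
    except sqlite3.Error as exc:
        # Echoing this text to the browser is the "useful error message".
        return False, str(exc)

def login_safe(db, username, password):
    # Placeholders send the values separately from the statement text;
    # a quote is compared as an ordinary character.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None, None

def compare(username, password):
    # Run the same form input through both handlers.
    db = make_db()
    return {"vulnerable": login_vulnerable(db, username, password),
            "safe": login_safe(db, username, password)}

if __name__ == "__main__":
    for user, pw in [("admin", "s3cret"), ("admin", "'"), ("obrien", "it's-long")]:
        print(repr(user), repr(pw), compare(user, pw))
```

The concatenated version also locks out the constructed user whose real password contains an apostrophe, which is a quick functional symptom of the same flaw.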
