SQL INJECTION
WHAT IS SQL?
- Most websites use a database to store data.
- Most data is stored in it (usernames, passwords, etc.).
- The web application reads, updates and inserts data in the database.
- Interaction with the DB is done using SQL.
WHY ARE THEY SO DANGEROUS?
1. They are everywhere.
2. Give access to the database -> sensitive data.
3. Can be used to read local files outside www root.
4. Can be used to log in as admin and further exploit the system.
5. Can be used to upload files.
DISCOVERING SQLi in POST
- Try to break the page.
- Use 'and', 'order by' or a single quote (').
- Testing text boxes and URL parameters on the form.
http://target.com/page.php?something=something
Pre-configuration for Metasploitable2:
The following is a very useful error message.
So let's modify the input in the password box. We can log in with a wrong password now.
Bypassing Authentication.
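
An added example, not part of the original notes: a Python/sqlite3 sketch of a login check that shows why a single quote in the password box produces a database error when input is concatenated into the query, and how a parameterized query removes the problem. The table, sample rows and function names are constructed for illustration, and the SQLite backend is an assumption (the notes target a PHP page).

```python
import sqlite3

def make_db():
    """Build an in-memory users table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    # Constructed data. Plaintext passwords only keep the demo short;
    # a real application stores salted password hashes.
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "s3cret"), ("pat", "o'neil-2024")])
    return db

def login_concat(db, username, password):
    """Vulnerable pattern: input is pasted into the SQL text."""
    sql = ("SELECT 1 FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

def login_param(db, username, password):
    """Hardened pattern: input is bound as data, never parsed as SQL."""
    sql = "SELECT 1 FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

def probe(login, db, username, password):
    """Return 'ok', 'denied' or 'sql-error' for one login attempt."""
    try:
        return "ok" if login(db, username, password) else "denied"
    except sqlite3.Error:
        # A database error triggered by user input means the input reached
        # the SQL parser; this is the "useful error message" condition.
        return "sql-error"

if __name__ == "__main__":
    db = make_db()
    for user, pw in (("admin", "s3cret"), ("admin", "'"), ("pat", "o'neil-2024")):
        print(user, repr(pw),
              "concat:", probe(login_concat, db, user, pw),
              "param:", probe(login_param, db, user, pw))
```

The parameterized version also accepts a legitimate password that contains a quote, which the concatenated version cannot handle at all.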