wisemonkeys logo
FeedNotificationProfileManage Forms
FeedNotificationSearchSign in
wisemonkeys logo

Blogs

SQL Injection practice on DVWA

profile
Taha Chatriwala
Nov 04, 2017
0 Likes
0 Discussions
1991 Reads

Please read this article first : How to setup DVWA using XAMPP on a windows 

 
Once you are done with the setup, follow the below steps to try SQL Injection on your DVWA !!! DVWA ( damn vulnerable web application) is one the readymade web application environment used for testing several attacks. It is purely used for educational purposes. We will be showing here how we can perform SQL injection using dvwa.
SQL injection is one of the very old method of system penetrations. It means firing an SQL query in the database and making a database burp out information you desire. Structured query language being well structured has its own flaws which can be exploited. Using certain keywords as mentioned below breaks the query into a set of instructions which can even bypass the password fields. For an instance writing 1'=1-- in the username field after typing username will bypass the password. This means whether password matches or not still give an access. These flaws are obviously no more there as with increasing security there are patches inbuilt in programming now. Still as a developer you can keep in mind while creating date input fields that your need to mention enough conditional checks so that before data is sent over the server it has already been filtered. Go ahead and enjoy the stunts. Not to forget that these are only for educational purpose. Do not ever try it on actual server with any bad intention. As it might lead you behind the bars. Happy learning..!!  

Step 1: Visit the DVWA login page

URL :- " localhost/dvwa/login.php "and login using the username : "admin" and password : "password"   How To Setup DVWA Using XAMPP on Windows  

Step 2 : You will get to this Homepage

  Blind Sql Injection Using DVWA  

Step 3 : Go to security setting option in left and set security level low.

  Blind Sql Injection Using DVWA  

Step 4 : Click on SQL injection option in left.

  Blind Sql Injection Using DVWA  

Step 5 : Write "1" in text box and click on submit.

  Blind Sql Injection Using DVWA  

Step 6 : Write "a' or ''='" in text box and click on submit.

  Blind Sql Injection Using DVWA  

Step 7 : Write "1=1" in text box and click on submit.

  Blind Sql Injection Using DVWA  

Step 8 : Write "1*" in text box and click on submit.

  Blind Sql Injection Using DVWA  

Comments ()


Sign in

Read Next

Memory Management

Blog banner

MODERN OPERATING SYSTEMS

Blog banner

Virtual memory in Operating System

Blog banner

Number Guessing game --lisp

Blog banner

5 Stages of Digital Marketing

Blog banner

Processes: Process Description and Control.

Blog banner

Patola Outfits for the Modern Wardrobe: Reviving Indian Handloom in Style

Blog banner

BUSINESS MODELS OF E COMMERCE

Blog banner

Blog name

Blog banner

Service Catalogue Management

Blog banner

Workplace mental health: A Psychological Perspective on Employee Well-being and Organizational Growth

Blog banner

How To Implement Search Engine Marketing (Sem) Strategy Effectively

Blog banner

RAID_142

Blog banner

Krishna Rao SAP ID--53003230076

Blog banner

Famous Indian dishes that where misunderstood to be Indian

Blog banner

On-Page SEO

Blog banner

Explain DBMS in Brief

Blog banner

Modern operating system

Blog banner

Some facts about Technology

Blog banner

MPL and how its effects?

Blog banner

Shoulders

Blog banner

Modern Operating System

Blog banner

How to Add Super Seeds to Your Everyday Meals: Easy & Healthy Ideas

Blog banner

Introduction to Virtual Memory - 080

Blog banner

GIS REMOTE SENSING

Blog banner

Dental Problems That Start Small But Should Never Be Ignored

Blog banner

CRISP-DM Methodology

Blog banner

Koinex is shutting down and here is how you can withdraw...

Blog banner

Security in Operating Systems

Blog banner

Security issues

Blog banner

Tea, Coffee, Red Wine, and Teeth: A Stain Survival Guide

Blog banner

MEMORY HIERARCHY

Blog banner

**THE MUJAWARR: Transforming the Logistics Industry**

Blog banner

KAHAWA TEA

Blog banner

MEMORY MANAGEMENT (techniques)

Blog banner

I/O Buffering

Blog banner

OPERATING SYSTEM

Blog banner

Craziness of dream 11 and how it impacts on our life

Blog banner

Threads

Blog banner

Explain website hacking issues

Blog banner

Memory management

Blog banner

"Geographic Information Systems (GIS) and its Applications in Urban Planning"

Blog banner