As you already familiar with the subject SQL injections from the previous article part 1, we will quickly dive into exploitation with SQLi. Login to your bWAPP and select vulnerability SQL Injection (Login Form/Hero). As stated in previous post, we need to do some manual analysis to know the functionality and it’s implementation. Try to login with your some random text (test, test). Now let’s do some dynamic analysis by reviewing source code of the functionality.
Though there are many vulnerabilities, SQL injection (SQLi) has it’s own significance. This is the most prevalent and most dangerous of web application vulnerabilities. Having this SQLi vulnerability in the application, an attacker may cause severe damage such as bypassing logins, retrieving sensitive information, modifying, deleting data. Sometimes this costs life when it comes to Healthcare, Banking domains. Okay introduction apart, the objective of this article is to exploit and read some sensitive data from the database. If you don’t know what exactly is this SQLi then read my other article which may throw some light. I am splitting the subject into two parts, having everything in one might throw you out of interest.
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives basic information about SQL injections, but still I hope it’s informative which might helps you. SQL injection is a basic technique where hacker might use to take over unauthorized access of the database or maybe to enumerate the data from the database. People might think, it’s an issue with the database configuration. Yea you’re partly right.