Scribd
Upload
190 views

4 - SQL Injection and Password Cracking Attacks

1. The document provides instructions for setting up DVWA (Damn Vulnerable Web Application), a platform for testing SQL injection and password cracking attacks. It describes downloading required software, configuring the platform, and performing sample attacks like displaying database users and contents of files. 2. The second part instructs on using SQL injections on DVWA to display lists of users and passwords stored in the database table. It describes using John the Ripper software to crack hashed passwords recovered from the database. 3. Finally, it prompts to change DVWA's security level to medium and high to explore how SQL injections could still be used to list users and what changes are made in the source code.

Uploaded by

Afrah Hassan
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
190 views

4 - SQL Injection and Password Cracking Attacks

1. The document provides instructions for setting up DVWA (Damn Vulnerable Web Application), a platform for testing SQL injection and password cracking attacks. It describes downloading required software, configuring the platform, and performing sample attacks like displaying database users and contents of files. 2. The second part instructs on using SQL injections on DVWA to display lists of users and passwords stored in the database table. It describes using John the Ripper software to crack hashed passwords recovered from the database. 3. Finally, it prompts to change DVWA's security level to medium and high to explore how SQL injections could still be used to list users and what changes are made in the source code.

Uploaded by

Afrah Hassan
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

1|Page

SQL Injection and Password Cracking


Attacks
Prerequisites
1- Go to https://www.easyphp.org/ and download the easy php DEVSERVER:

2- Install the DEVSERVER easy php and UNCHECK the ‘Launch easyPHP Devserver’

3- Edit the httpd.conf file in ‘EasyPHP-Devserver-17\eds-


binaries\httpserver\apache2425vc11x86x201120184207\conf’ folder
2|Page

4- Change the port from 80 to 8088:

5- Download the DVWA from http://www.dvwa.co.uk/ unzip the file and put the folder
inside a newly created folder in ‘EasyPHP-Devserver-17\eds-www’ called ‘dvwa’
3|Page

6- Go to ‘EasyPHP-Devserver-17\eds-www\dvwa\config’ and change the name of


‘config.inc.php.dist’ to ‘config.inc.php’ and open the file in notepad ++

7- Change the db_password to ‘

8- Right-click on EasyPHP icon on taskbar, Open Dashboard

9- Run Http server, and Database Server


4|Page

10- Click on Portal Directory, then click dvwa

11- Click on create database button at the bottom, and click on login after database is created.
After starting dvwa (login: admin and password: password) change its security level to
"low" and try SQL injection attacks (SQL Injection menu).

Attacks on DVWA
SQL injection is often used by hackers to exploit security vulnerabilities in your software to
ultimately gain access to your site’s database. In this part of the lab, we will attack the DVWA
platform with SQL injections. DVWA allows security administrators to test their knowledge
related to web application attacks.
To do:
1. Display the list of database users.
2. Display the contents of the notes.txt file located on c: /
3. Display the logins and passwords of the users stored in the table.
4. The passwords thus recovered by SQL injections are “hashed” (Secure Hash). To be able
to determine their values in clear, we will use the John the Ripper software (you can
download it or use it in the VM kali 2020)

Create Password Hash File, copy username and password to a notepad file. Now you
should see the user admin and the password hash separated by a ":" on the same line.
5|Page

Cut the username and password combinations for other users and paste in this file as well.
Check if the passwords are broken.
Try to login with cracked user account.
5. Now change the security level of the DVWA platform and put it in medium. How would
it be possible to list the list of users by an SQL injection?

6. Now set the security level to High and check the source code of the corresponding page.

You might also like