Description

In this video I demonstrate how to perform basic SQL injections against DVWA (Damn Vulnerable Web Application). The type of SQL injection was error-based, and the database architecture in use was MySQL (most recent Kali repository version).

After the initial SQL injection was confirmed, the request was copied from the Burp Repeater module into a new file, which was used directly with SQLMap to make it easier to perform the SQL injection. (The vulnerable function most likely requires a valid session cookie.)

When SQLMap had confirmed the injection, the contents of the ‘users’ table were dumped, where the password hashes (MD5, unsalted, single round) were automatically attempted to be cracked using SQLMap’s default wordlist. This showed the plain text version of the user’s passwords.

Topics covered:
– Error-based SQL Injections
– Using RAW HTTP Requests in SQLMap
– Cracking Passwords in MD5 Format (Unsalted, Single Round)
– Dumping the Entire Database
– Changing the Security Level in DVWA

SQLMap:
https://github.com/sqlmapproject/sqlmap

Stay tuned and subscribe for more upcoming videos showing actual hacks!