Scribd
Upload
10 views7 pages

Applied Exploit and Hacking 2

The document details a step-by-step process of setting up a vulnerable SQL injection site using XAMPP and phpMyAdmin. It includes creating a database, a login page, and demonstrates various SQL injection attacks to exploit the vulnerabilities. The author successfully executes multiple payloads to showcase the risks associated with SQL injection, including retrieving database information and creating files on the server.

Uploaded by

syedbadshah0550
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
10 views7 pages

Applied Exploit and Hacking 2

The document details a step-by-step process of setting up a vulnerable SQL injection site using XAMPP and phpMyAdmin. It includes creating a database, a login page, and demonstrates various SQL injection attacks to exploit the vulnerabilities. The author successfully executes multiple payloads to showcase the risks associated with SQL injection, including retrieving database information and creating files on the server.

Uploaded by

syedbadshah0550
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 7

Lahore Garrison University

Name:
Aftab Hussain
Roll no:
Fa-21/Bs DFCS/033
Submitted by:
Aftab Hussain
Submitted to:
Saud Bin Farooq
Assignment:
Applied Exploits and Hacking

First, I installed XAMPP and turned on Apache and MySQL. The image below shows this.
In the image above, the services are running. Now, we check if the localhost is working. If it is,
we open phpMyAdmin and create a database for our login page.

This image shows that phpMyAdmin is working fine, so the next step is to create a database in it.
The image above shows the code to create a database called vulnerable_sqli with 2 users in it.
Now, run these queries to see what happens.

There were no errors after running the queries. In the left panel, we can see that our database
named vulnerable_sqli has been created. Now, I will show you its table.
The image above shows a users table with usernames and passwords.
Now we need to make a folder for our website in C:\xampp\htdocs*. I created a folder named
sqli_site inside it. The next step is to create a connection file. Here it is:

Now it's time to make a login page for our website. Here is the code:

Let's see if our code is working on localhost or not:

Our code is running on localhost without any errors. Now, we will try some common SQL
injection attacks on it.
First, I used the payload shown in the image below:

This payload shows a login failed message.

Now, let's try another payload and see what happens:

I used this payload without a password, and it showed a successful login.


Now, let's try other SQL injections. First, we need to find out how many tables there are by using
'order by' queries.

When I used 'order by 3', it showed login failed. Now, I will test using 'order by 4.
It gave an error, which means there are three valid columns. Now, let's try more injections.
' UNION SELECT 1, 2, @@version –

To find the database version, we put @@version in the third column and got: 10.4.32-MariaDB.
Now, let's try other SQL injections to find the database name.
' UNION SELECT 1, 2, database () –

The image shows the database name, which is a vulnerable site.


Now performing time-based SQL injection:
' OR IF (1=1, SLEEP (5), 0) –

It didn’t respond within 5 seconds.


After 5 seconds, it shows the result:
For loading a file, I used this payload:
' UNION SELECT 1, 2, LOAD_FILE('C:\xampp\htdocs\sqli_site\test.txt') –
Check the result:

In the password field, it showed the content of the file.


Now, to create a file in a folder, I used this command:
' UNION SELECT 1, 2, "Hello from Aftab" INTO OUTFILE
'C:/xampp/htdocs/sqli_site/hacked_by_aftab.txt' –

It showed this message, but the file was created in the folder as expected.

Now, let’s read what is inside this file.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy