Exercise: SQL-Injection
Solutions for this exercise
Install our demo-application
Download and install our guestbook application: The Guestbook Example. Be very careful: this example is very unstable, and you should in no case install this software on a server accessible to other people, so don't forget to configure your firewall accordingly.
Test the application
For your tests, you can use the user harry (password Potter) or the user emmanuel (password emmanuel).
You can send a message to one person or to a list of persons.
Use SQL-injection to hack the login
Try to log in as the user benoist without using his password (it is bcde).
Search field
Using the search functionality of the guestbook application, try to execute some other functionalities.
- Change the search to add an "or 1" that makes the selection always true. You may need to look at the source code to write the sentence. Normally a user only sees the messages that he or she has the right to see.
- Hack the search functionality such that you can see the list of all the users with their passwords.
Install and run sqlmap
- Download and install SQLmap:
$ sudo apt install sqlmap
- Find an entry point that suffers from a SQL injection. You must test several possible entry points to find one with the vulnerability.
- Start sqlmap on your application. You may use the wizard version.
- Download the database structure for the site.
- Access a dump of the database.
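To see why the "or 1" step in the search exercise works, and what the fix looks like, here is an added Python/sqlite3 example. It is not the guestbook's own code (the page shows neither its language nor its schema); the tables, rows and the two search functions are constructed for illustration, and the same search is run once through a string-concatenated query and once through a parameterised one.

```python
import sqlite3


def make_demo_db():
    # Constructed stand-in for the guestbook: a users table and a
    # messages table with one recipient per message.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT PRIMARY KEY, password TEXT)")
    conn.execute("CREATE TABLE messages (recipient TEXT, body TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("harry", "Potter"), ("emmanuel", "emmanuel")])
    conn.executemany("INSERT INTO messages VALUES (?, ?)",
                     [("harry", "quidditch practice"),
                      ("emmanuel", "grading deadline"),
                      ("emmanuel", "faculty meeting")])
    conn.commit()
    return conn


def search_vulnerable(conn, user, term):
    # The query text is assembled by concatenation, so the search term
    # becomes part of the SQL grammar instead of staying a plain value.
    # An "or 1"-style term therefore widens the WHERE clause to every row,
    # bypassing the recipient check that scopes a user to their own messages.
    sql = ("SELECT body FROM messages WHERE recipient = '" + user
           + "' AND body LIKE '%" + term + "%'")
    return [row[0] for row in conn.execute(sql)]


def search_safe(conn, user, term):
    # Placeholders: the driver binds user and term as parameters, so the
    # recipient restriction stays intact and the term is matched literally.
    sql = "SELECT body FROM messages WHERE recipient = ? AND body LIKE ?"
    return [row[0] for row in conn.execute(sql, (user, "%" + term + "%"))]


if __name__ == "__main__":
    db = make_demo_db()
    for term in ("quidditch", "' OR 1=1 OR '"):
        print(repr(term), "vulnerable:", search_vulnerable(db, "harry", term))
        print(repr(term), "safe:      ", search_safe(db, "harry", term))
```

The parameterised version is the fix to apply to each entry point sqlmap reports; a query that only escapes quotes is not equivalent, since the parameter never reaches the SQL parser at all.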
Contact
Prof. Dr. Emmanuel Benoist
Berner Fachhochschule - TI
Quellgasse 21
CH-2501 Biel/Bienne
Switzerland
Mail: emmanuel.benoist (at) bfh.ch