





Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
Information Security lab work to protect data and find out new ways of data security
Typology: Assignments
1 / 9
This page cannot be seen from the preview
Don't miss anything!
Aim: Testing website for SQL Injection Vulnerability using SQLMAP Procedure: ● Download the SQLMAP tool zip file from the site https://sqlmap.org/ and extract the files to the desired path. ● To check the directory run command dir and also run the sqlmap.py command to know if its working ● We then choose a SQL Injection infected website for demonstrating the Vulnerability. So we chose this Vulnerablesite:http://testphp.vulnweb.com/listproducts.php?cat= 1 ● We now open the command prompt with the directory address where the sqlmap.py file was extracted and perform various commands to understand the SQL injection vulnerability. ● These commands bring out the basic functioning of the tool and fetch the details about the perspective domain. ● Now to understand the sql injection of the sql injected vulnerability site we use some commands that will help us find the vulnerability of the website. ● To better understand the sql injection of the site we now can demonstrate the data enumeration or mention a number of things one by one using the tool. ● To get the databases of the site we use the command –dbs which makes us fetch the details about the website. ● Some of the commands to enumerate the database through an application vulnerable to SQL injection. Used to exploit details of the vulnerable site a. Current-username: to get current username b. Current-dbs: to get current database c. Hostname: to get hostname ● Performing the above data enumeration command makes it clearer that the site is sql injected. When such a data enumeration command is performed on the site which is not vulnerable, we may not get all these details. ● To understand this, we compare the site with running any of these commands on a non vulnerable site say
Website used to check its vulnerability:- http://testphp.vulnweb.com/listproducts.php?cat= Command prompt screenshot page:-
Screenshot with the usage of basic commands like batch, crawl, level:- Command:- sqlmap.py-uhttp://testphp.vulnweb.com/listproducts.php?cat=1 --crawl 2 --batch --level 2
https://insecure-website.com/products?category=Gifts+OR+1=1–
Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to identify what devices are running on their systems, discovering hosts that are available and the services they offer, finding open ports and detecting security risks.