SQL Injection dvwa

Still the spirit of course, we will try SQL injection technique this time, to the target itself is http://127.0.0.1/dvwa
our first try with a standard query
'or'1 = 1


look there first name and Surname
not just trying to query, we try with sqlmap
just type the command

python. / sqlmap.py-u http://127.0.0.1/dvwa/vulnerabilities/sqli/
and the result was like this,  
until this step I am still looking for how to query the right to be able to get a username and password:)

Comments

Post a Comment

Popular posts from this blog

EXE file structure

Image
I 'll try to explain how a structure file extension .EXE. EXE is a common file extension indicates an executable file ( program) in the DOS , OpenVMS , Microsoft Windows , Symbian , and others. In addition to the executable program , many EXE files contain other components called resources, such as bitmaps and icons which the executable program to be able
Read more

Filesystem Structure

Image
For this time I will explain about a system file structure there are some that I will explain , among others, are : FAT16 FAT32 NTFS EXT2 EXT3 starting from the first , which is FAT16   FAT16 we start from the first FAT . What is FAT ? FAT File System that is used in Windows Operating System . FAT 's name comes from the use of tables that focus on areas where information is empty or may not be used . To limit the size of the table , the disk space allocated to files in hardware sector groups are adjacent , so-called developing cluster. When disk drive , the maximum number of clusters also
Read more

Introduction Maltego

Image
What is maltego ? Maltego are tools for OSINT (Open Source Intelligence Gathering ) , so OSINT is a method of searching the information available to the public and then analyzed and used for certain purposes maltego also an open- source intelligence and forensics application . This allows for the mining and gathering information and presenting this information in a meaningful way .
Read more