
Lab - 02 SQL Injection Attack

The document outlines a lab exercise focused on performing a SQL injection attack on a vulnerable web application to extract the administrator's username and password. It provides step-by-step tasks including accessing the lab, discovering database tables, enumerating columns, finding column names, extracting user credentials, and accessing the admin account. The conclusion confirms the successful completion of the SQL injection attack and gaining access to the admin panel.

Uploaded by

kazumofficial

SQL injection attack, listing the database contents on non-Oracle databases
Objectives

The objective of this lab is:

• To perform a SQL injection attack on the vulnerable web application and extract the administrator's username and password.
Lab Environment

For this lab, you will require:

• A computer with an internet connection
• A web browser
• Burp Suite (Community Edition is sufficient), with the browser configured to proxy through it

Lab Tasks

Task 1 – Access the Lab

Step 1: Access the PortSwigger Web Security Academy lab "SQL injection attack, listing the database contents on non-Oracle databases".

Step 2: Open Burp Suite and make sure Proxy > Intercept is on.
Task 2 - Discovering the Database Tables

Step 1: Start by navigating to the vulnerable web application. Observe the layout, with the navigation menu (product category links) at the top and a list of products below.

Step 2: In Burp Suite, turn on the Intercept feature.

Step 3: Click the category links in the navigation menu to capture the filter requests. The category parameter in these requests is the injection point: its value is placed into a SQL query that returns the products shown on the page. Send one of the captured requests to Repeater so the payloads below can be edited and resent easily.


Task 3 - Enumerating Columns

Step 1: Using the captured request, determine how many columns the original query returns and which of those columns hold text data. Append UNION SELECT clauses with an increasing number of NULL values to the category parameter until the application stops returning an error; the number of NULLs at that point is the column count. Then substitute a string for each NULL in turn to find the columns that accept text. In this lab you should find two columns, both containing text.

Step 2: Now construct a SQL query to retrieve the names of all tables in the database using the injection
'+UNION+SELECT+table_name,+NULL+FROM+information_schema.tables--
(the '+' characters are URL-encoded spaces; Burp's Repeater accepts the payload in this form). Because the database is not Oracle, information_schema.tables is available and no FROM DUAL is needed.

Step 3: Note down the names of the tables, especially the one that appears to hold user accounts. In this lab instance it is 'users_odzpcz'; the suffix is randomised per lab instance, so use the name shown in your own response.

Task 4 - Finding Column Names

Step 1: Having identified the 'users_odzpcz' table, find out which columns it contains.

Step 2: Craft the injection
'+UNION+SELECT+column_name,+NULL+FROM+information_schema.columns+WHERE+table_name='users_odzpcz'--
Note that the inner quotes around the table name are part of the SQL and must survive URL encoding; if the request fails, check that Burp has not double-encoded them.

Step 3: Retrieve and document the column names for further use. In this instance they are 'username_bzubfy' and 'password_nawvpk'.
Task 5 - Extracting User Credentials

Step 1: Armed with the column names, create a SQL injection query to extract the contents of the 'password_nawvpk' and 'username_bzubfy' columns from the 'users_odzpcz' table using the injection
'+UNION+SELECT+password_nawvpk,+username_bzubfy+FROM+users_odzpcz--
Both values are text, so they can be placed directly into the two text columns found in Task 3.

Step 2: Execute the query. The response lists every username/password pair in the table alongside the normal product rows; find the row for 'administrator' and record its password.

Task 6 - Accessing the Admin Account

Step 1: Log in to the web application using the obtained administrator credentials.

Step 2: Explore the admin panel and verify your access; the lab is marked as solved once the administrator is logged in.


Conclusion:

You have successfully performed a SQL injection attack on the web application, extracted the
administrator's username and password, and gained access to the admin account.
