In SQL Injection – Intro we have learned: What is SQLi? and Types of SQLi. Now in this article we will setup lab for SQLi and test SQL vulnerabilities in Web Applications.
vmware workstation – Download
First download the iso file and vmware workstation (you can use other VM too) from above link.
- Install vmware and open it and click on *Create a New Virtual Machine*. Then choose iso file you have downloaded and click on next.
- Now in this step customize Hardware same as following Screenshot and click on finish.
- Now go to your vm and click on *Play virtual machine*.
- Once image boots up type ifconfig and note down IPv4 IP (in my case its 192.168.234.129) .
- Now open browser and type IP in the address bar (My IP is different from above for some reasons in your case use the same IP as shown in your VM).
Its done !! Your vulnerable Image is ready for testing and attacks now.
Testing Web Applications to Find SQL Injection Vulnerabilities
Now the question is how can you find vulnerabilities in the web application. You can use following Characters to check vulnerabilities. Or you can use Spidering . Watch following video to know more abut Spidering . Read Spidering article here
‘ String indicator (‘string’)
” String indicator (“string”)
+ Arithmetic operation, or concatenate (combine) for MS SQL Server and DB2
|| Concatenate (combine) for Oracle, PostgreSQL
concat(“”,””) Concatenate (combine) for MySQL
* Wildcard (“All”) used to indicate all columns in a table
% Wildcard (“Like”) used for strings:
‘%abc’ (ending in abc)
‘%abc%’ (containing abc)
; Statement terminator
() Group of data or statements
— Comment (single line)
# Comment (single line)
/*comment*/ Multiline comment
Example of using above Character to check Vulnerability
- First find a url with ‘id=’ exa: “example.com?id=”.
- Here in following screenshot the url is *http://192.168.234.136/cat.php?id=18*
- Now put the first character from above table in the last of the url to check vulnerability. If the page gives SQL error then the web application is vulnerable to SQLi. SQL error looks like following Screenshot.
Thankyou for reading!! Hope you like this article. Share it with your friends. Like us on facebook!!