David Tse

Jun 14, 2021

5 min read

Damn Vulnerable Web Application(DVWA) — SQL Injection Walkthrough

Introduction

There is a page with a single text field.

Enter user ID ‘1’ and submit.

A record is returned.

Security Level: Low

Exploitation

Instead of entering valid input like 1, try input a single quote character and observe its behaviour.

The error message revealed the database is MariaDB. And it also implied that single quote might lead to SQL…

--

--

--

More from David Tse

Cyber Security Enthusiast | OSCP | OSWE

Love podcasts or audiobooks? Learn on the go with our new app.

Try Knowable

Recommended from Medium

Will Howes

Makers Academy Final Project - Week 1 Diary

Akhil Dhiman

How The Web Works

Nuwan Chamikara

SERVER-SIDE DEVELOPMENT— SOAP

Mike Wilder

Flatiron Phase 4 Project

Robert Csapo

3 Simple ways to use Cisco DNA Center Platform APIs

Cellframe Platform

Cellframe — Community

Andrea Jasper

Sinatra Work Order App

Image of a hand pointing to a sprocket with a money icon inside, surrounded by other sprockets and icons with hands shaking, clock, bullseye, graph, and a person.
thomas montoya

in

Quick Code

Linux shell under the hood !

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
David Tse

David Tse

Cyber Security Enthusiast | OSCP | OSWE

More from Medium

Kaorrosi

Finding and Exploiting SSRF Vulnerabilities

Tony Ellam

Hack The Box — Lame Writeup

Santo Cheung

Basic CSRF

apex

Bug Bounty Methodology — Bug Hunting Checklist (PART-1)

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Knowable