Damn Vulnerable Web Application(DVWA) — SQL Injection Walkthrough

Introduction

There is a page with a single text field.

Enter user ID ‘1’ and submit.

A record is returned.

Security Level: Low

Exploitation

Instead of entering valid input like , try input a single quote character and observe its behaviour.

The error message revealed the database is MariaDB. And it also implied that single quote might lead to SQL…