Date: 21 Feb 2025

SQL Injection

• discussed about the client - server sql injection

• install VMWare - VMWare workstation pro-17 keys

1. click the edit virtual machine settings -> if you have 16 gb then give 2gb ram -> ok
   

• alt + ctrl ->to come out of vmware( for cursor)

2. start the machine and select i copied it
   

shortcut keys :

• sudo init 0 - shutdown linux
• sudo init 6 - restart linux
• imp link: portswigger - test for owasp top 10 using burp

3. ifconfig in owasp to know your ip
   

4. open burp suite -> intercept off -> open browser -> then search in burp's browser your ip 192.168.31.128
   

5. then login through: admin , passwd : admin
   

6. then go to sql injection -> user id 1 -> submit
   

7. capture the request by seeing the tick ✅ of PARAMS (parameter) and do right click only on the marked GET/POST ips and do active scan
   

8. then go to Target -> then see the SQL injection and other vulnerabilities.
   

9. then go the website and put ' in the box and login
   

• the error page will come, bcoz developer have done some mistakes.(it depends on how the queries are written in the database) sql injection is all about hit and trial as we dont know the backend codes.
  

• Refer this github repo
• interpreter is accepting special characters allowing it to sit dynamically in the query.
• id - ‘ ’ (single quote)
• String query = "SELECT * FROM accounts WHERE custID='" + request.getParameter("id") + "'";
• id=5 -> String query = “SELECT * FROM accounts WHERE custID="" + request.getParameter('5') + “”;
• id=' -> String query = “SELECT * FROM accounts WHERE custID="" + request.getParameter(' ‘ ’) + “"”;
• check the manual that corresponds to your MySQL server version for the right syntax to use near ‘ ‘ ’ at line 1.
• our special char balances the first char , but the second char gets imblanced , making it odd together , there by getting the error.
• ‘ '# ’-> comments out
• Download Xampp

---****---