17.2.6 Lab Attacking a MySQL Database - PanamaP/KEST3CO05DU GitHub Wiki
What are the two IP addresses involved in this SQL injection attack based on the information displayed?
10.0.2.4 and 10.0.2.15
The attacker has entered a query (1’ or 1=1 union select null, version ()#) into a UserID search box on the target 10.0.2.15 to locate the version identifier. Notice how the version identifier is at the end of the output right before the . closing HTML code. Question: What is the version?
version: 5.7.12-0
What would the modified command of (1' OR 1=1 UNION SELECT null, column_name FROM INFORMATION_SCHEMA.columns WHERE table_name='users') do for the attacker?
miklu styttra output sem synir notendur
Which user has the password hash of 8d3533d75ae2c3966d7e0d4fcc69216b?
notandi: 1337
c. Using a website such as https://crackstation.net/, copy the password hash into the password hash cracker and get cracking. Question: What is the plain-text password?
charley
Reflection Questions
- What is the risk of having platforms use the SQL langauge?
Ef inputs sem þeir fá eru ekki sanitized þá getur hvaða upplýsingar sem er sem gagnagrunnurin geymir verið lekið.
-
Browse the internet and perform a search on “prevent SQL injection attacks”. What are 2 methods or steps that can be taken to prevent SQL injection attacks?
- Validate User Inputs
- Use Stored Procedures In The Database