
Course Title: Information Security Management    Course Code: BCSE354E
Faculty: Prof. LEKI CHOM THUNGON    Slot: L7+L8
Regno: 21BCE1819    Name: DHIIMAYYI BANERJEE
Program: BCE(CSE CORE)    Batch Year: THIRD
School: Scope    Submission Date: 18-03-2024

LAB EXERCISE-6
Brute Force and SQL Injection on XVWA login

Aim: Perform the attacks on XVWA by following the same steps used for DVWA.

Download XAMPP from the browser. Open the terminal and install XAMPP.
Command: chmod +x xampp-linux-x64-8.2.12-0-installer.run

The installer now sets up XAMPP on our system.
After clicking the Forward button it starts the XAMPP installation.
In the XAMPP control panel, select MySQL Database and click the Start button on the right side.
This starts the MySQL database, so that we can access XVWA.

Now we need to download XVWA to our system. Search for "XVWA installation" in the browser;
it shows the GitHub repository link, so click that link.
Download XVWA from GitHub.
Copy the path, open the file manager, go to the following path and open a terminal there:
/opt/lampp/htdocs

Enter the following command in the terminal to download XVWA:

sudo git clone https://github.com/s4n7h0/xvwa.git
Now open the browser and enter the following:
127.0.0.1/xvwa

Now go to 127.0.0.1/phpMyAdmin
and create the database.
Now enter 127.0.0.1/xvwa in the browser; we can now see the content.
Aim:
• Brute force attack on the XVWA login
• To inject different SQL injection payloads manually into the input field
• To use sqlmap for conducting SQL injection on the website
• To add the SQLiPy extension to Burp Suite and perform SQL injection

Apparatus Required: Burp Suite, Foxy Proxy, XVWA Server


Brute Force Login Website:

Brute forcing using Intruder:


• In the login page, enter any random username and password, and send the request
to Burp Suite.

• In the Proxy section, right-click the request and send it to Intruder.
• Add the payload positions only to username and passwd, and remove the payload
position for the Cookie.

• Choose different attack types as needed. The results of each are shown next.

i. Sniper Attack:

Payload set 1: Simple list: admin, user, xvwa

ii. Battering Ram:

Payload set 1: Simple list: admin, user, password, user123

iii. Pitchfork:

Payload set 1: Simple list: admin, user, xvwa
Payload set 2: Simple list: 1234, user, password

iv. Cluster Bomb:

Payload set 1: Simple list: admin, user, xvwa
Payload set 2: Simple list: password, vulnerable, 4321

Since XVWA does not serve a distinct login-failed or login-success page, the response
length and status code do not change between attempts, so Intruder's result columns cannot
single out the valid pair. Therefore we have to manually try the different combinations in the
browser and check the result.

Below is the demonstration:


Here I am requesting a sample test in the Sniper attack.

Result:

As we can see, we couldn't log in.

Now trying for a successful combination:


Trying the Battering Ram result for admin-admin. Result:

Here we can see we were able to log in.

SQL Injection Demonstration:

EXERCISE – 1: Inject different SQL injection payloads manually into the input field.

Website:
The website has only one input field, which accepts either an item code or a search keyword and
displays the matching information.

SQL Injection Payloads:

Payload: 1' or 1=1 #

This reveals all of the data available: the quote closes the item-code string, 1=1 is true for
every row, and # comments out the rest of the original query.


Find the database name

Payload: 1' union select 1,2,3,4,database(),6,7 #


The database name is “xvwa”.
Find all tables

Payload: 1' union select 1,2,3,4,table_name,6,7 from information_schema.tables#
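The string-concatenation defect that the payloads above exploit, beside the parameterised query that closes it, as an added example that is not part of this lab or of the XVWA project. The table and column names are assumptions; sqlite3 stands in for XVWA's MySQL backend, so the comment marker is `--` instead of `#` and sqlite_master plays the role of information_schema.tables.

```python
import sqlite3

# Constructed in-memory stand-in for the XVWA search page: the table has seven
# columns so the lab's seven-value UNION payloads line up. Table and column
# names are assumptions, not taken from the XVWA schema.
SCHEMA = """
CREATE TABLE caffaine(itemid INTEGER, name TEXT, descr TEXT, price REAL,
                      brand TEXT, stock INTEGER, rating INTEGER);
CREATE TABLE users(id INTEGER, login TEXT, pass TEXT);
INSERT INTO caffaine VALUES (1, 'Espresso', 'strong', 2.5, 'Acme', 10, 5),
                            (2, 'Latte', 'milky', 3.0, 'Acme', 4, 4);
INSERT INTO users VALUES (1, 'admin', 'admin');
"""


def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def search_vulnerable(db, term):
    # The defect the lab exploits: the item code is pasted into the statement,
    # so a quote in the input ends the string and the rest is parsed as SQL.
    sql = f"SELECT * FROM caffaine WHERE itemid='{term}'"
    return db.execute(sql).fetchall()


def search_fixed(db, term):
    # Parameterised query: the driver passes the term as a value, so quotes,
    # OR clauses and UNIONs inside it are matched literally, never parsed.
    return db.execute("SELECT * FROM caffaine WHERE itemid=?", (term,)).fetchall()


def table_names_leaked(db):
    # sqlite_master is the sqlite analogue of information_schema.tables, and
    # "--" is the sqlite comment marker where MySQL accepts the lab's "#".
    payload = "1' union select 1,2,3,4,name,6,7 from sqlite_master --"
    rows = search_vulnerable(db, payload)
    # The numeric markers identify the injected rows: the genuine item row
    # has a name in column 2, the UNION rows carry the literal 2 there.
    return sorted(row[4] for row in rows if row[1] == 2)


if __name__ == "__main__":
    db = open_db()
    tautology = "1' or 1=1 --"               # the lab's 1' or 1=1 # in sqlite syntax
    print(search_vulnerable(db, tautology))  # every row of caffaine
    print(search_fixed(db, tautology))       # [] : no item code equals that text
    print(table_names_leaked(db))            # ['caffaine', 'users']
```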


EXERCISE – 2: Use sqlmap for conducting SQL injection on the website.
First save the request using Burp Suite.

i. Find the databases

Command: sqlmap -r requestedxvwa.txt --dbs

ii. Find the tables in xvwa

Command: sqlmap -r requestedxvwa.txt -D xvwa --tables


The tables in xvwa are caffaine, comments and users.

iii. Get all the details stored in the users table

Command: sqlmap -r requestedxvwa.txt -D xvwa -T users --columns --dump


Exercise 3: Add the SQLiPy extension to Burp Suite and perform SQL injection.

Steps for adding the extension:

• Go to Extender > BApp Store and search for sqlipy.


• To add this extension, Jython is necessary. Visit
https://www.jython.org/download.html and download the latest Jython
standalone JAR file.
• In Burp Suite, go to Extender > Options. Under the section Python Environment, click
Select file. Navigate to the saved location and click on the downloaded Jython JAR
file.
• Now install the SQLiPy extension from the BApp Store.
Steps for using the extension:

• Send the request to SQLiPy Scan.

• This will take the request and auto populate information in the SQLiPy
"Sqlmap Scanner" tab.

• In the same tab, configure the options that you want for the injection testing.
Then click the "Start Scan" button.
• Progress and informational messages on scans and other plugin activities are
displayed in the extension's SQLiPy "SQLMap Logs" tab.

Results:

Thus SQL injection was studied using 3 different methods on xvwa.
