alban/docker-vulnerable-dvwa
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

sqlinjection print added

Browse source
This commit is contained in:
OPSXCQ 2017-01-02 19:40:03 -02:00
parent 1209507c81
commit accbd82724
No known key found for this signature in database
GPG key ID: 9AD730FE9CDE5661
2 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
README.md
View file

@ -36,7 +36,9 @@ To login you can use the following credentials:
## Hack and have fun ! ## Hack and have fun !
If you are playing it in low dificulty, just to have a taste of how exploit a flaw in this app, go to ```SQL Injection``` in the left menu. If you are playing it in low dificulty, just to have a taste of how exploit a flaw in this app, go to ```SQL Injection``` in the left menu.
In the id field, add this query ```%' and 1=0 union select null, concat(first_name,'|',last_name,'|',user,'|',password) from users #``` In the id field, add this query:
%' and 1=0 union select null, concat(user,':',password) from users #
![sqli](sqli.png) ![sqli](sqli.png)

BIN
sqli.png Normal file
View file

Binary file not shown.
Side by side

After

Width:  |  Height:  |  Size: 231 KiB