Lab provided by the College of Engineering and Computing at the University of South Carolina
Lab Overview:
SQL injection is when a hacker targets databases and tries to collect or change its residing data. When a user fills in an online form, his/her input is used to build a SQL query that the backend of the application uses to manipulate the database’s data. SQL injections are successful when web developers have poor checks on the input fields of a form. For this lab, I will be performing the attack on the Damn Vulnerable Web App (DVWA).
The goals of this lab are to:
Understand and define SQL injections
Perform SQL injection attacks on a web application
Understand the best practices to migrate SQL injection
I will be demonstrating this lab through the Attacker’s machine.
Comments