About Teletype
Join
HACKFREAKS
@hackfreaks
Hacking
January 4, 2023

How to practice legally in hacking sites. An example of SQL injection using Burp Suite on DVWA.

Hello my little Freaks , Hackfreaks Here. In this article, we will install DVWA on Kali Linux in order to start training in hacking sites in the following articles Step by step

Every novice white hacker needs to learn his skills somewhere. Climbing the Internet and breaking a random site is an idea so-so, because it is criminally punishable.

โ“So what to do?

โœ… Correctly! Raise your own training site. That is why DVWA is needed.

In this article, we will install DVWA on Kali Linux in order to start training in hacking sites in the following articles ๐Ÿ”ฅ

What is DVWA

Damn Vulnerable Web Application ( DVWA ) โ€” is a deliberately vulnerable web application ( ) on PHP / MySQL. The goal of the โ€” project is to help ethical hackers and IB specialists hone their skills and test tools.

DVWA can also help web developers and IT learners better understand the security process of web applications and sites.

Installing DVWA on Kali Linux

Go to the directory html:

cd /var/www/html

Clone git repository:

sudo git clone https://github.com/digininja/Dvwa.git

Change the permissions to the installation folder:

sudo chmod -R 777 Dvwa

Go to the configuration file in the installation directory:

cd Dvwa/config

Copy the configuration file and rename it:

cp config.inc.php.dist config.inc.php

Open the settings file and change the password to something simpler to enter ( I will change the password to pass):

sudo nano config.inc.php

The following screenshot shows the contents of the configuration file, including all database information:

Install mariadb:

sudo apt-get update
sudo apt-get -y install apache2 mariadb-server php php-mysqli php-gd libapache2-mod-php

Run the database:

sudo service mysql start

Log in to the ( no password database, so just press Enter when the request ) appears:

sudo mysql -u root -p

Create a database user. You need to use the same username and password that were used in the ( configuration file. screen above ):

create user 'user'@'127.0.0.1' identified by 'pass';

Give the user all the privileges:

grant all privileges on dvwa.* to 'user'@'127.0.0.1' identified by 'pass';
โ‡ โ‡ Pay attention: since we work with the database, these commands must end with a semicolon ;

The result of these database operations should look like this:

It's time to go to the catalog apache2 to configure Apache server:

cd /etc/php/7.3/apache2

Open the file for editing php.ini, to enable the following parameters: allow_url_fopen and allow_url_include:

sudo mousepad php.ini

The file is large, so you may need to scroll to the middle of the file to get to fopen and change the values:

Launch the Apache server:

sudo service apache2 start

โ‡ เคฎ Now, if everything is done correctly, you can open DVWA in the browser by entering the following in the address bar: 127.0.0.1 / DVWA/

โœ… If the settings page opens, this means that you have successfully installed DVWA on Kali Linux:

Scroll down and click Create / Reset Database ( Create / reset the database ). This will create a database, and in a few seconds you will be redirected to the login page in DVWA:

Enter the following credentials:

admin
password

As you can see in the next screenshot, there are many interesting vulnerabilities that you can test, for example, brutheros, SQL injection and others:

Now One of the most interesting attacks is the popular implementation attack SQL injection, which we will consider in detail, using the example of DVWA.

โœ… In this lesson, we will look at an example of SQL injection using Burp Suite on the vulnerable DVWA platform.

An example of SQL injection using Burp Suite on DVWA

To implement SQL injection using Burp Suite, we need:

  • Burp Suite* ( installed in Kali Linux from the ) box.
  • Dvwa, installed on Kali Linux ( we are already did)
*Burp Suite โ€” is an excellent tool that allows you to search for vulnerabilities in web applications.

Launch and configure Burp Suite on Kali Linux

To run Burp Suite on Kali Linux, open the terminal and execute the command:

burpsuite

If you first opened the Burp Suite, then you will need to accept the terms of use.

Do not be afraid if Java Runtime Environment ( JRE ) error message appears. This is a famous mistake at the first launch of the Burp Suite version of Community. It is associated with the version of JRE installed in your OS. Just skip the error message.

In the free version, the only available option โ€” select Temporary project ( Temporary project ). After selecting the default parameters, the main window of the graphical interface ( GUI ) Burp Suite Community will appear.

Let's move on to using Burp Suite and DVWA to test web applications for attacks by implementing SQL.

DVWA Security Levels

Launch DVWA ( see first link ). Keep in mind. If you restart the machine, you will need to restart the services necessary for DVWA and restart the browser:

sudo service apache2 start
sudo service mysql start

One of the cool DVWA features is that you can configure the complexity of the attack. ( they are called safety levels ). Here is a brief explanation for each of them:

  • Low ( Low ) โ€” the computer is as vulnerable as possible and does not use security tools.
  • Medium ( Medium ) โ€” designed to simulate a web application without modern security features.
  • High ( High ) โ€” is more difficult than the previous level, but you can still find vulnerability and hack.
  • Impossible ( What a complex ) โ€” is the most difficult level using protection techniques. For hardcore chockers.

โœ… In case of SQL injection level Low displays on the page a text box into which you can enter SQL injection:

โŒ But, it's too simple for us. Therefore we will use the level Medium. In this case, instead of a simple text field, a drop-down menu will be available. So, we can use Burp Suite to implement SQL injection. Brought to you by hackfreaks official.

SQL injection using Burp Suite on DVWA

We pass to the example of the introduction of SQL injection ๐Ÿ”ฅ

Step 1: Open Burp Suite and create a temporary project using the default Burp settings.

Step 2: In the top main menu, select Proxy ( Proxy ), and in the submenu, select Intercept ( Interception ).

Step 3: Choose Lunch burp browser.

Step 4: Using the Burp browser, open DVWA, go to the left menu and click DVWA Security ( Security DVWA ), then select the drop-down list Medium ( Medium ) and click Submit ( Send ):

Step 5: Now go to SQL injection in the left menu, and there you should see the drop-down menu with the button Submit ( Send ):

Step 6: Return to Burp Suite and turn on the interception by clicking on Intercept is of ( Interception disabled ):

Step 7: Return to DVWA and click Submit ( Send ).

Step 8: If you return to Burp Suite, you will see intercepted data:

Step 9: As you can see, the value that we selected in the drop-down list was sent as id = 1, so let's experiment with this number to see how safe this web application is.

Step 10: In Burp Suite, Change Value id with eleven on 2, then click Forward, to see what happens.

Step 11: Return to DVWA. As you can see, the user ID is still displayed in the drop-down list eleven; However, user ID information is displayed 2. This means that Burp Suite was able to successfully implement a new value without even affecting the web page:

Step 12: It was just a test. Now that we understand that you can implement the data, let's try to make a real SQL injection. Change the value of the user ID to see what it gives. Return to Burp Suite and Make sure Intercept on and then click again Submit on DVWA to get data back in Burp Suite.

Step 13: Now Burp Suite must display the same information as on the screen above. Go to the last line and change the value again ID from 1 to 1 OR 1 = 1 # and click Forward ( Forward ).

Step 14: As you can see on the next screen, the DVWA page now simultaneously displays information from all five users. This means that we have discovered a vulnerability:

Step 15: Click Submit ( Send ) to update the data again in Burp Suite. Then change the value of the ID again to:

eleven OR eleven=eleven UNION SELECT NULL,TABLE_NAME FROM INFORMATION_SCHEMA.TABLE#

Step 16: Now, if you return to DVWA, you will see that this time we received much more information, including the names of the tables. This is a very serious vulnerability, as an attacker can get very important data from a web application.

We found a more dangerous vulnerability:

Step 17: Using the information received, you can try to find other vulnerabilities of the web application:

eleven OR eleven=eleven UNION SELECT USER,PASSWORD FROM users#

Now go to DVWA and you will see displayed hashes of passwords:

โ‡ เคฎ Well, and finally, we would like to consider the solution of a common mistake that you may encounter.

Burp Suite and DVWA Error Correction

If the next error ( see the screen below ), don't worry โ€” it's easy to fix.

โœ… Just go to Burp Suite, select Intercept is off, then update DVWA.

โœ… In addition, remember that these values are case sensitive, so make sure you use the correct register:

That's all!

You just learned how to use Burp Suite and using it you introduced SQL injection to the site. If you want to continue our free lessons, then we are waiting for your ๐Ÿ”ฅ under the post on the channel!

HACKFREAKS
January 4, 2023, 10:33
4ย reactions
0ย views