Run apache2
#/etc/init.d/apache start
Run mysql
#/etc/init.d/mysql start
2. open mantra
Applications > backtrack > vulnerability assasment > vunerability scanner > mantra
3. open burpsuite
Applications > backtrack > vunerability assament > web applications assasmnet > web application proxiez > burpsuite
After apache and mysql running, check your mantra and burpsuite.
On mantra you must add new proxy [ proxy : localhost and port : 8080 ].
After proxy added, select the proxy that. Now, type localhost/dvwa on addresbar. first login, and how to technique sql injection for show all username.
Remember,before that you must change DVWA Security level from high to low and submit.
injection username success,
go to burpsuite and look the proxy. There have COOKIE.
After you get cookie, open sqlmap
next you must extract the databases of dvwa.
First, you read the hint of sqlmap,
next search syntax of extract database.
>databases
#./sqlmap.py -u "http://localhost/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit#" --cookie="security=low; PHPSESSID=3dlp8q6ipmlgem2uik1g142bc2" --dbs
extarct databases of DVWA is finish !!!
No comments:
Post a Comment