Thank you very much for this tutorial! You made everything so clear and understandable
I've never gotten SQL injection to work with DVWA. It just comes up with a blank page. Can't figure out why. Any Ideas?
ermmm you mean blank page when you access the SQLi section or blank page when you attempt SQLi attack? is it the same for blind SQLi section? have you tried changing difficulties? resetting apache2/mysql services? tried more than one browser/OS? you'll probably find more troubleshooting steps here as well: github.com/digininja/DVWA/issues?q=is%3Aissue+is%3Aclosed+sql+injection
Same here, getting a blank page when I enter an injection. There is no error message?
Any help is appreciated!
How would you know that there are two columns in the database with the names user and password if the page that told you that did not exist?
You can retrieve the column names using SQL injection! user/username and pass/password are pretty common though 🙂
@_CryptoCat so they can change the name of user/username and pass/password to other names, like for example house as user or something?
Sorry, I'm still a beginner
@Cashvib-f4w Yes, the column names will be whatever the developers chose, it doesn't have to be "username" and "password" but devs normally use standardised, logical naming conventions (so it's likely to be something guessable). That said, if it's not guessable - you can use SQLi to recover the column names.
when I press " ' " and submit it, it just reloads the page without returning a result like 2:53. What does that mean???
hey do you have it set to the correct difficulty level (low)? have you tried multiple browsers (chrome/firefox)? let me know how it goes 🙂
@_CryptoCat sorry for replying a bit late, my problem has been resolved, thank you very much, your vid helped me a lot
@mio_sora no problem, great to hear! 😃
It's true. Excellent
@mio_sora when I press " ' " and submit it, it just reloads the page without returning the result like 2:53. I don't understand why this happens even though I've tried many different browsers. @_CryptoCat
Sir , thanks a lot. Well explained ( crystal clear )
thank you mate 🥰
Great video bro! Just two questions: why does the sentence " ' ORDER BY 3#" not send me the error text? It just throws me a blank page. And what does # mean? I have googled it but it is not at all clear what it does. Thanks beforehand
Thanks! The "#" will comment out the rest of the SQL statement so if you have a statement like:
"SELECT FROM users;"
and you enter " ' ORDER BY 3#", it's only executing "SELECT ' ORDER BY 3" because the bit where it specifies the table "users" is now commented out.
How do you know the column is user and password? Or is that because everyone's database uses user and password columns?
Sorry, I am still a beginner...
You could make an educated guess, but it's also possible to use SQLi to retrieve database names, column names etc. You should see some of that in the next ep IIRC.
Great content!
I have one question. Why do you sometimes use the character '#' at the end of the sentence?
Hey, good question! The '#' can be used to comment out the rest of the SQL statement. If you inject some SQL you might want (or need) to comment out the rest of the code. Check this out for some more info and examples: www.sqlinjection.net/comments/
@_CryptoCat Thx!
that's exactly what i want to ask... thx for the answer
brilliant!!!
Thank you! 💜
i love you
Great video using this for CRT practice as i have it upcoming
awesome, good luck!! 😀
Hi! My DVWA doesn't have any internet access, it's totally isolated. Do I really need to give it internet access in NAT?
No, no you can use local only network; DVWA doesn't need internet access
Great video, can you tell me why you use + characters around the or on medium difficulty, I.e 1 +or+ 1=1
Thanks mate! The + is just a URL encoded space. If you type a space in the address bar it will be automatically converted to a "+", but if you are using burp you'll need to take care of URL encoding yourself 🙂
@_CryptoCat amazing! Thank you so much for your help!
Hi, I'm actually new to cybersecurity so I just have one question. Let's say you have downloaded DVWA in a Win 10 VM and you wish to attack it through a Kali VM, how do you go about doing so? And also, after you have attacked from the Kali VM, is there any way to defend against the attack? (E.g. installing software such as webknight)
Any reply is much appreciated!!
In VMWare/VirtualBox, I would recommend using NAT or NAT Network. This way the VMs will be able to communicate with each other and the internet, without exposing your home network.
There will be many different ways to defend and will vary from attack to attack. Obviously, securing the code is the best defence; if there is no XSS or SQLi vulnerability, the attackers won't be able to exploit it. Keeping software up to date is equally important. Vulnerability scanners could help with that but assuming there is still some vulnerability, a WAF may provide protection. Good logging processes help etc. Defence in depth as they say!
@_CryptoCat ohh I see, nice!
Thank you for your video and your help man!! Really appreciate it 🙏
@ahmedfa2654 thanks mate 🙏🥰
@_CryptoCat I find it easier to use Bridged for everything. It's a little more vulnerable for the VM but if the VM gets attacked I highly doubt the hacker would have the capabilities to perform VM escaping.
@mrwhosmynameagain You're probably right but you never know! VM escapes feature regularly as challenges in CTFs these days 😐
when it comes to the repeater I don't see the id to modify it, do you know what problem I have?
Make sure you are sending the correct request to the repeater, and that you supplied a value as the ID
Great video, thanks for the content
Thank you 🥰
from medium to high we must use burp suite to support exploit?
You could accomplish in many ways! Maybe try a python script 🙂
4:55 , those two columns from which table?
From the users table in this case, but maybe you'd enumerate the whole DB..
tbh medium was a lot easier than hard lol i thought hard would add anything more than just another web app
' UNION SELECT user, password FROM users#
dang
is it wrong if I just used Sqlmap on all 3 difficulties? :(
haha! as long as you understand the concept and how to exploit manually, its all good 😉
U kinda sounded like Dream at the beginning
When I click on the link I do not fall on the right page could you help me please
hey which link are you talking about?
@_CryptoCat The one in the DVWA description
@200eiod the dvwa.co.uk link? all the links in description still working for me but if you are just trying to download DVWA you can get directly from the github: github.com/digininja/DVWA/archive/master.zip
@_CryptoCat You have to download DVWA to be able to access the page where you can hack?
@200eiod yes very true you have to download and install DVWA, if you check the first video in this series i go through how to download and install step by step 😉
Wow
thanks bro
How can i get db version?
Should be "@@version" IIRC
That's for MySQL database. What about mariadb??
@devaparihar1997 Are you testing against DVWA or something else? The command I gave you is for the DVWA DB (which is MariaDB) - if you continue the series, you will see this in action 😉
@_CryptoCat yes
dvwa
Am i the only one who's confused?.. what to type and where did the hashid come from..
It's been a while, can you timestamp the video? The lab might have updated too..
@_CryptoCat The submission time is over bro, ain't no need for that hahahahahaha unless I fail......
@XD-zi2bj haha good luck! 🙏
So is the "impossible" one literally impossible? Because you didn't even attempt it. Just looked at it and said "anyway so lets do a bonus exercise" LOL
Yeh haha the "impossible" level is to show you how developers *should* secure against the attacks, so they shouldn't be solvable. Just check the source code to see how it's been secured and verify that your attacks no longer work 😊
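Added example, not part of the original comments and not DVWA's own code: the trailing-comment behaviour asked about in the "#" questions above, next to the bound-parameter form of the same lookup, which is the kind of fix the "impossible" level is there to show. The table, its rows, the query shape and the function names are constructed for the demo, and SQLite's `-- ` stands in for MySQL/MariaDB's `#` so that it runs offline.

```python
import sqlite3

# SQLite has no "#" comment, so "-- " plays the role "#" plays on MySQL/MariaDB.
COMMENT = "-- "
# The UNION input quoted in the comments above, with the comment marker swapped.
PAYLOAD = "' UNION SELECT user, password FROM users" + COMMENT


def make_db():
    """In-memory table with constructed rows (not DVWA's real schema or data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user_id TEXT, first_name TEXT,"
               " user TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?, ?, ?)",
                   [("1", "Alice", "alice", "hash-a"),
                    ("2", "Bob", "bob", "hash-b")])
    return db


def lookup_concat(db, user_id):
    """Vulnerable: the input becomes part of the SQL text itself."""
    sql = ("SELECT first_name, user_id FROM users WHERE user_id = '"
           + user_id + "'")
    return db.execute(sql).fetchall()


def lookup_bound(db, user_id):
    """Hardened: the input is bound as a value and never parsed as SQL."""
    sql = "SELECT first_name, user_id FROM users WHERE user_id = ?"
    return db.execute(sql, (user_id,)).fetchall()


def breaks_without_comment(db):
    """Without the trailing comment the app's own closing quote is left dangling."""
    try:
        lookup_concat(db, PAYLOAD[:-len(COMMENT)])
    except sqlite3.OperationalError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("normal     :", lookup_concat(db, "1"))
    print("concat     :", lookup_concat(db, PAYLOAD))
    print("bound      :", lookup_bound(db, PAYLOAD))
    print("no comment :", breaks_without_comment(db))
```

With the bound version the whole input, quote and comment marker included, is compared against `user_id` as a plain string, so it matches no row.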
Lesch Crossroad
Botsch Botroad?
please can you give me your telegram emergency
I don't have a telegram sorry. What's up?
great video, thanks for the content
Thanks 🥰