Step 3) Press the “Add URL” button and paste the URL of the website to
download. Then click OK.
Step 4) Once the URL is added, click Next.
Step 7) You can check out the website using the HTML document in
your download location.
5) Build a checklist for authentication and apply it to the web
application to analyze the outcomes.
Authentication Bypass via Brute force
Turn on intercept in Burp Suite and log in with any username or password on
the login form.
Now open your Kali Linux and open both Burp Suite and bWAPP.
But this time create a new user and log in with it. Turn on intercept and click
the Cookies button.
Change the PHPSESSID in Burp Suite and turn off intercept.
Once you do that you are logged into some other session.
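A detection-side view of the session swap above, as an added example that is not part of the original document: it flags any PHPSESSID that shows up with more than one client (IP address plus User-Agent) in an access log. The log format with the Cookie header as the last quoted field, the sample lines and the name find_shared_sessions are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed custom log format: ip - - [time] "request" status "user-agent" "cookie"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "[^"]*" \d{3} '
    r'"(?P<ua>[^"]*)" "(?P<cookie>[^"]*)"$'
)
# PHPSESSID may sit anywhere in the Cookie header, not only first.
SESSION_RE = re.compile(r'(?:^|;\s*)PHPSESSID=([A-Za-z0-9,-]+)')

# Constructed sample lines; in production, log a hash of the ID, not the ID.
SAMPLE_LOG = '''\
10.0.0.5 - - [12/Mar/2024:10:01:02 +0000] "POST /login.php HTTP/1.1" 302 "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0" "PHPSESSID=aaa111; theme=dark"
10.0.0.5 - - [12/Mar/2024:10:01:05 +0000] "GET /portal.php HTTP/1.1" 200 "Mozilla/5.0 (X11; Linux x86_64) Firefox/115.0" "PHPSESSID=aaa111; theme=dark"
10.0.0.9 - - [12/Mar/2024:10:02:10 +0000] "GET /portal.php HTTP/1.1" 200 "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0" "PHPSESSID=bbb222; theme=dark"
10.0.0.9 - - [12/Mar/2024:10:03:40 +0000] "GET /portal.php HTTP/1.1" 200 "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0" "theme=dark; PHPSESSID=aaa111"
10.0.0.7 - - [12/Mar/2024:10:04:00 +0000] "GET /index.php HTTP/1.1" 200 "curl/8.0" "-"
'''


def find_shared_sessions(log_text):
    """Return {session_id: sorted [(ip, user_agent), ...]} for every session
    ID that was presented by more than one distinct client."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # malformed or differently formatted line
        sid = SESSION_RE.search(m.group("cookie"))
        if not sid:
            continue  # request carried no session cookie
        seen[sid.group(1)].add((m.group("ip"), m.group("ua")))
    # One client repeating its own ID is normal; two clients sharing it is not.
    return {s: sorted(c) for s, c in seen.items() if len(c) > 1}


if __name__ == "__main__":
    for sid, clients in find_shared_sessions(SAMPLE_LOG).items():
        print(f"session {sid} used by {len(clients)} distinct clients:")
        for ip, ua in clients:
            print(f"  {ip}  {ua}")
```

A hit is a lead rather than proof, since a legitimate user can change network or browser mid-session; regenerating the session ID at login and invalidating it at logout narrows the window in which a copied ID is useful.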
Tried to find any clue in the -h section and got to know that I can add cookies and parameters to
the command using the --cookies and --data options.
Extracted cookies and data from Burp Suite.
Used those cookies and data in sqlmap and tried to find databases.
Results:
Results indicated that there was only one database, i.e. information_schema, although the
database “information_schema” was the default database made by MySQL. This seemed fishy.
Tried to get the current database being used through the --current-db command.
Results:
Results indicated that current database was “bwapp” which was contrary to the previous
result saying there was only one database.
Although it wasn’t a good idea, tried to dump the databases to see if I find something new.
Results:
Results gave the tables of our current database, i.e. “bwapp”, along with the columns of the table
named “blog” inside “bwapp”.
Then tried to find columns from the table “users” through the --column option, selecting the “bwapp”
database using -D and the “users” table using -T, because it sounded as if it had something
important.
Results:
Results displayed the columns from the table “user”.
Results: