Difference between revisions of "DVWA: Check SQLi vulnerability"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) (Created page with "Berikut ini kita akan menggunakan DVWA SQLi. Siapkan DVWA: * Browse ke DVWA http://192.168.0.100/DVWA-1.9/security.php * Set Low > Submit * Masuk ke http://192.168.0.100/DVWA...") |
Onnowpurbo (talk | contribs) |
||
(One intermediate revision by the same user not shown) | |||
Line 12: | Line 12: | ||
1' or '3'='3 | 1' or '3'='3 | ||
1' or '4'='4 | 1' or '4'='4 | ||
+ | %' or '0'='0 | ||
+ | |||
+ | |||
+ | ==Deteksi SNORT== | ||
+ | |||
+ | snort rules untuk mendeteksi | ||
+ | |||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"0'='0"; content:"0%27%3D%270"; nocase; classtype:web-application-attack; sid:1000023;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"1'='1"; content:"1%27%3D%271"; nocase; classtype:web-application-attack; sid:1000024;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"2'='2"; content:"2%27%3D%272"; nocase; classtype:web-application-attack; sid:1000025;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"3'='3"; content:"3%27%3D%273"; nocase; classtype:web-application-attack; sid:1000026;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"4'='4"; content:"4%27%3D%274"; nocase; classtype:web-application-attack; sid:1000027;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"5'='5"; content:"5%27%3D%275"; nocase; classtype:web-application-attack; sid:1000028;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"6'='6"; content:"6%27%3D%276"; nocase; classtype:web-application-attack; sid:1000029;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"7'='7"; content:"7%27%3D%277"; nocase; classtype:web-application-attack; sid:1000030;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"8'='8"; content:"8%27%3D%278"; nocase; classtype:web-application-attack; sid:1000031;) | ||
+ | alert tcp any any -> 192.168.0.100 80 (msg:"9'='9"; content:"9%27%3D%279"; nocase; classtype:web-application-attack; sid:1000032;) |
Latest revision as of 20:55, 31 March 2017
Berikut ini kita akan menggunakan DVWA SQLi. Siapkan DVWA:
- Browse ke DVWA http://192.168.0.100/DVWA-1.9/security.php
- Set Low > Submit
- Masuk ke http://192.168.0.100/DVWA-1.9/vulnerabilities/sqli/
Untuk mencek SQLi vulnerability, seorang hacking kadang menyelipkan perintah berikut.
1' or '0'='0 1' or '1'='1 1' or '2'='2 1' or '3'='3 1' or '4'='4 %' or '0'='0
Deteksi SNORT
snort rules untuk mendeteksi
alert tcp any any -> 192.168.0.100 80 (msg:"0'='0"; content:"0%27%3D%270"; nocase; classtype:web-application-attack; sid:1000023;) alert tcp any any -> 192.168.0.100 80 (msg:"1'='1"; content:"1%27%3D%271"; nocase; classtype:web-application-attack; sid:1000024;) alert tcp any any -> 192.168.0.100 80 (msg:"2'='2"; content:"2%27%3D%272"; nocase; classtype:web-application-attack; sid:1000025;) alert tcp any any -> 192.168.0.100 80 (msg:"3'='3"; content:"3%27%3D%273"; nocase; classtype:web-application-attack; sid:1000026;) alert tcp any any -> 192.168.0.100 80 (msg:"4'='4"; content:"4%27%3D%274"; nocase; classtype:web-application-attack; sid:1000027;) alert tcp any any -> 192.168.0.100 80 (msg:"5'='5"; content:"5%27%3D%275"; nocase; classtype:web-application-attack; sid:1000028;) alert tcp any any -> 192.168.0.100 80 (msg:"6'='6"; content:"6%27%3D%276"; nocase; classtype:web-application-attack; sid:1000029;) alert tcp any any -> 192.168.0.100 80 (msg:"7'='7"; content:"7%27%3D%277"; nocase; classtype:web-application-attack; sid:1000030;) alert tcp any any -> 192.168.0.100 80 (msg:"8'='8"; content:"8%27%3D%278"; nocase; classtype:web-application-attack; sid:1000031;) alert tcp any any -> 192.168.0.100 80 (msg:"9'='9"; content:"9%27%3D%279"; nocase; classtype:web-application-attack; sid:1000032;)