SQL Injection

Lab Assignment
In this lab, you will launch an SQL injection attack from Kali against a vulnerable web application on OWASP BWA.

1) You are required to complete the section titled “SQL Injection” in the lab instructions starting on Page 13. You should log into the Kali VM and enter “root” as the username and “toor” as the password before starting Section 4.
2) You can also complete the first three sections of the lab to become acquainted with SQL. It is recommended, but not required.
3) Before performing this lab, please make sure that you read the sections related to SQL injection in Chapter 26 and Chapter 27.
4) Take a screenshot of step 12, Section 4. Only take the screenshots that show password fields that are associated with the users table.

Reflection Assignment
After completing this lab,

1) Write a one-paragraph summary of what you have done in this netlab assignment.
2) Write a one-paragraph explanation of how you can fix the vulnerability on OWASP BWA. (Refer to Chapter 26 and Chapter 27)
3) Watch the video on this webpage and also read the story on how an SQL injection vulnerability turned into a national security case: https://abc7chicago.com/politics/how-the-russians-penetrated-illinois-election-computers/3778816/ . What are the consequences of this vulnerability?
