[Plug-security] SQL Injection Solved
Lisa Kachold
lisakachold at obnosis.com
Sat May 11 13:46:35 MST 2013
Here's our flag (clearly exploitable):
http://12.159.65.86/dvwa <http://12.159.65.86/dvwa/vulnerabilities/sqli/>
read the last line silly
Here's our form (new database created today by Scott):
http://12.159.65.86/dvwa/vulnerabilities/sqli/
Go through the video to play with "practical" demo for the concepts from
David's Presentation.
Go to http://it-clowns.com/c/index.php/
For today's presentation
On Sat, May 11, 2013 at 1:25 PM, Lisa Kachold <lisakachold at obnosis.com>wrote:
> Here's the solution and demonstration for the SQL Injection today using
> Metasploitable 2:
>
> http://www.youtube.com/watch?v=oMV0JZVxvdQ
>
> Sorry no-one was successful taking a flag (except via Armitage/Metasploit
> for known vulnerabilites).
>
> Thanks to David Demland for providing a great presentation.
> --
>
> (503) 754-4452 Android
> (623) 239-3392 Skype
> (623) 688-3392 Google Voice
> **
> it-clowns.com <http://it-clowns.com/c/index.php>
> Chief Clown
>
>
>
>
>
>
>
>
>
>
>
>
>
>
--
(503) 754-4452 Android
(623) 239-3392 Skype
(623) 688-3392 Google Voice
**
it-clowns.com <http://it-clowns.com/c/index.php>
Chief Clown
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-security/attachments/20130511/37bbb536/attachment.html>
More information about the Plug-security
mailing list