Exercise 2: Performing Automated Database Penetration Testing Using Havij
Scenario
Database vulnerability assessments are an essential part of a methodical, proactive approach to database security. They reduce the risk associated with both web-specific and database-specific attacks and support compliance with relevant standards, laws and regulations.
Database vulnerability assessments are best used:
- As a fast and economical way to assess the risk associated with a database that is in operation but has not (recently) undergone a broader database security assessment.
- As part of an ongoing vulnerability/configuration management program, particularly to demonstrate continuous compliance with relevant standards and regulations.
- To evaluate less critical databases (i.e., databases with a moderate risk profile where the risk does not justify greater scope and rigor).
- As an information-gathering tool to focus penetration testing or code reviews.
Lab Duration: 15 Minutes
- Click Windows Server 2012 (Internal Network) and click Ctrl+Alt+Delete.
- In the password field type Pa$$w0rd and press Enter.
You can use the Type Password option from the Commands menu to enter the password.
- In this lab, we will perform SQL injection against the database server located on the machine Database Server Subnet B (10.10.20.2) using a tool named Havij. The attack vector in this lab is the website at http://10.10.20.2/realhome.
To install Havij, navigate to E:\ECSAv10 Module 09 Database Penetration Testing Methodology\Havij and double-click Havij 1.15 Free.exe.
An Open File - Security Warning window appears; click Run and follow the wizard-driven installation steps to install Havij.
- Once the installation is complete, check the Launch Havij option and click the Finish button. Havij launches automatically.
- The Havij main window appears as shown in the screenshot. In the Target field type http://10.10.20.2/queenhotel/about.aspx?name=coffee and click Analyze.
Leave the other settings at their defaults.
- Havij starts analyzing the URL provided in the Target field, as shown in the screenshot.
- Click the Info tab to view the environment in which the target website is hosted.
- In the Info tab, click the Get button to obtain the complete details of the hosting machine.
This displays the hostname, the current database, the database type in use, and the databases connected to it.
- Click the Tables tab to view the list of all tables connected to the database.
- Check any of the databases listed in the left pane and click the GET Tables button to extract information.
In this lab, we are going to extract the Real_Home database.
- Havij extracts the tables from the database as shown in the screenshot. Now check the table whose columns you want to extract and click Get Columns.
In this lab, we will choose the Login table to extract the columns.
- The columns extracted from the database are shown in the screenshot. Next, we need to extract the login credentials of the website.
Check the password and login_username columns to extract the credentials. Once you have checked these two columns, click the Get Data button to extract the credentials.
The names of the password and username columns may vary depending on your database connection.
- Havij extracted the login credentials of the Real_Home database as shown in the screenshot.
- To verify these credentials, launch a web browser, type http://10.10.20.2/realhome in the address bar and press Enter. Real Home webpage appears as shown in the screenshot below.
In this lab, we will use Firefox browser to login.
- Now use the following credentials to log in to the realhome website:
Username: smith
Password: smith@123
and click the Login button.
- You have now successfully logged in with the credentials extracted using Havij.
Ignore the password remembering pop-up by clicking Don't Save.
- Close all the opened windows.
In this lab you have learned how to extract databases, tables, columns, and user credentials using Havij.
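As an added defender-side illustration (not part of the ECSA lab and not Havij's own code): a small detector that flags a burst of SQL-syntax probes against one query parameter of about.aspx in constructed IIS-style log lines, which is how an automated injection run like the one above typically shows up in web-server logs. The log lines, the indicator patterns and the three-probe threshold are my assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs

# Constructed IIS/W3C-style lines (date time s-ip cs-method cs-uri-stem cs-uri-query c-ip sc-status);
# 10.10.20.55 is scripted to look like an automated tool probing the 'name' parameter.
SAMPLE_LOG = """\
2024-01-15 10:00:02 10.10.20.2 GET /queenhotel/about.aspx name=coffee' 10.10.20.55 500
2024-01-15 10:00:02 10.10.20.2 GET /queenhotel/about.aspx name=coffee'+order+by+5-- 10.10.20.55 500
2024-01-15 10:00:03 10.10.20.2 GET /queenhotel/about.aspx name=coffee'+union+select+null,null-- 10.10.20.55 200
2024-01-15 10:00:03 10.10.20.2 GET /queenhotel/about.aspx name=coffee'+union+select+0x6c6f67696e,null-- 10.10.20.55 200
2024-01-15 10:05:00 10.10.20.2 GET /queenhotel/about.aspx name=tea 10.10.20.77 200
"""

# Coarse indicators of SQL syntax inside a decoded query-string value (tuned for low noise, not completeness).
INDICATORS = {
    "quote": re.compile(r"'"),
    "comment": re.compile(r"--|/\*"),
    "union_select": re.compile(r"\bunion\b.*\bselect\b", re.I),
    "order_by": re.compile(r"\border\s+by\b", re.I),
    "hex_literal": re.compile(r"\b0x[0-9a-f]{4,}", re.I),
}

def tainted_params(query):
    """Map each parameter to the sorted indicator names found in its decoded value(s)."""
    hits = {}
    for name, values in parse_qs(query).items():  # parse_qs URL-decodes, including '+' as space
        found = sorted({k for v in values for k, rx in INDICATORS.items() if rx.search(v)})
        if found:
            hits[name] = found
    return hits

def find_automated_sqli(log_text, min_probes=3):
    """Group tainted requests by (source, endpoint, parameter) and report bursts of >= min_probes."""
    probes = defaultdict(list)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 8:  # skip malformed or blank lines
            continue
        stem, query, c_ip, status = fields[4], fields[5], fields[6], int(fields[7])
        for param, found in tainted_params(query).items():
            probes[(c_ip, stem, param)].append((found, status))
    findings = []
    for (c_ip, stem, param), events in probes.items():
        if len(events) < min_probes:
            continue
        findings.append({"source": c_ip, "endpoint": stem, "parameter": param, "probes": len(events),
                         "indicators": sorted({k for found, _ in events for k in found}),
                         "server_errors": sum(1 for _, st in events if st >= 500)})
    return findings
```

The server_errors count is the useful triage signal: a run of 500 responses on the same parameter from one source, followed by 200s, matches the error-based probing that precedes successful extraction.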