Password bypass in DVWA series 11 Brute Force
Next, let's analyze the Brute Force module in DVWA. Enter a user name and password in the text boxes on the page. If the input is incorrect, an error is displayed.
The correct password is the same as the DVWA logon password. The page after correct input:
Brute-force cracking means that, without knowing the password, you use software to try candidates one by one until the password is finally cracked.
First, select the low security level and view the source code.
With the foundation from the previous articles, you can easily find the SQL injection vulnerability in this code. The problem lies in the following statement:
$qry = "SELECT * FROM `users` WHERE user = '$user' AND password = '$pass';";
For example, if you enter the username admin' or 'a'='a, you can log on normally regardless of the password entered. This is the classic password bypass vulnerability.
The principle is simple and becomes clear once the username is substituted into the code:
$qry = "SELECT * FROM `users` WHERE user = 'admin' or 'a' = 'a' AND password = '$pass';";
Because of the or 'a' = 'a' condition, the AND password = '$pass' check plays no role at all: AND binds more tightly than OR, so the WHERE clause is already true for the row where user = 'admin', whatever the password is.
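The grouping described above, and the parameterized form that removes the problem, as an added example that is not DVWA's code. It assumes an in-memory SQLite table in place of DVWA's MySQL database; the accounts, passwords and function names are constructed for the demonstration.

```python
import sqlite3

def make_db():
    """Build an in-memory users table with constructed sample accounts."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "s3cret-admin"), ("alice", "s3cret-alice")])
    return db

def login_concatenated(db, user, password):
    """Same pattern as the low-level source: input is pasted into the SQL text."""
    qry = ("SELECT user FROM users WHERE user = '" + user +
           "' AND password = '" + password + "';")
    return [row[0] for row in db.execute(qry)]

def login_parameterized(db, user, password):
    """Hardened form: values are bound, so quotes in the input stay data."""
    qry = "SELECT user FROM users WHERE user = ? AND password = ?"
    return [row[0] for row in db.execute(qry, (user, password))]

def precedence_demo(db):
    """Show that A OR B AND C parses as A OR (B AND C), not (A OR B) AND C."""
    base = "SELECT user FROM users WHERE "
    implicit = db.execute(
        base + "user = 'admin' OR 'a' = 'a' AND password = 'x'").fetchall()
    and_first = db.execute(
        base + "user = 'admin' OR ('a' = 'a' AND password = 'x')").fetchall()
    or_first = db.execute(
        base + "(user = 'admin' OR 'a' = 'a') AND password = 'x'").fetchall()
    return implicit == and_first and implicit != or_first

if __name__ == "__main__":
    db = make_db()
    crafted = "admin' or 'a'='a"  # the username input quoted in the article
    print("concatenated, wrong password: ",
          login_concatenated(db, crafted, "wrong"))
    print("parameterized, wrong password:",
          login_parameterized(db, crafted, "wrong"))
    print("parameterized, right password:",
          login_parameterized(db, "admin", "s3cret-admin"))
    print("AND evaluated before OR:", precedence_demo(db))
```

With bound parameters the whole crafted string is compared against the user column as a literal value, so it matches no row.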