[ Certified Ethical Hacker v10 ] :: [ Module 11 ] :: SQL Injection

This entry is part 13 of 21 in the series [ Certified Ethical Hacker Training ]

SQL injection

Cheat sheet:

OWASP guide:

Dumping a complete database:


1. Log into your root-me.org account, click Challenges and click Web Server. This will get you here:

Start with “SQL Injection – Authentication”. Note all the other SQL Injection challenges. Can you beat them all?

2. In either Metasploitable2 or your own installation, go to DVWA, find Vulnerability – SQL Injection, and dump all user names. See this guide if you need help:


Series Navigation<< [ Certified Ethical Hacker v10 ] :: [ Module 10 ] :: Web Servers and Applications[ Certified Ethical Hacker v10 ] :: [ Module 12 ] :: WiFi and Bluetooth >>

Leave a Reply