OWASP Broken Web Applications is a collection of deliberately vulnerable applications to practice pen testing on.
Questions tagged [owasp-bwa]
9 questions
11 votes, 4 answers
SQL Injection Escaping Challenge Security Shepherd
I am using Security Shepherd as a training tool and I am now in the challenge, SQL Injection Escaping Challenge.
The Challenge:
When I make a query just like the one above (just with different table names) in a local database in MySQL it works…
J.Doo
4 votes, 1 answer
How do I use sqlmap to dump the OWASP Juice Shop schema?
I cannot seem to get sqlmap to successfully exploit and retrieve schema information from OWASP's deliberately vulnerable Juice Shop web application.
I've tried to be very specific in my sqlmap command line options to help it along, but it still…
jkeeler
2 votes, 3 answers
Injecting to OWASP Juice shop doesn't work
I've just learned the theory behind XSS attacks and now I would like to test my knowledge in a legal way.
I wanted to "hack" OWASP Juice shop by following steps from this book section "Perform a reflected XSS attack". When I use iframe…
Paweł Adamski
1 vote, 1 answer
SQLMAP unable to upload the stager file with 404 error
I can't get to upload the stager file on the OWASP BWA document root
(/var/wwww/WackoPicko/users). I am not sure how to troubleshoot this error.
root kali:~# sqlmap -u "http://x.x.x.x/WackoPicko/users/login.php"
--data…
c0ldhand
1 vote, 1 answer
What are the risks of publicly hosting OWASP Juice shop
For those who don't know it: The Juice shop is an intentionally vulnerable webshop which 'supports' SQL injection, XSS, DoS and all this kind of nasty stuff. It's nice to run on localhost and play a little around.
So given the facts that…
Br2
1 vote, 2 answers
What are the common features to identify XSS attack from Apache log file?
I have tried some XSS vulnerabilities on web applications such as webgoat, OWASP mutillidae, bWAPP. I want to know the features/keywords/footprints of a cross-site scripting attack in an Apache log file and from these footprints, it is possible to identify…
Shree
0 votes, 1 answer
SQLMAP Redirect using xampp
I am learning SQLi using sqlmap and xampp.
I set up my lab the same way as per tutorial but when I run
sqlmap.py -u "http://localhost/bwapp/sqli_1.php?title=1*"
the error got 302 redirected to
http://localhost:80/bwapp/login.php
and when I…
0 votes, 1 answer
bWAPP- SQL injection Hack displays a white screen?
I've been following this video (https://www.youtube.com/watch?v=XDCZ8FC856s) to install bWAPP on Parrot OS and everything works fine except SQL Injection. I've checked the database and it's active. As you can see:
And when I select SQL…
AzyCrw4282
-1 votes, 1 answer
Can't bypass filter
Trying some malicious injection against bWAPP and came across bypass captcha
Filter validating captcha is
if($_POST["captcha_user"] == $_SESSION["captcha"])
Tried input 1' || '2 but it doesn't bypass logical condition.
Ryuzaki