
Password Bypass in 11 Brute Force of DVWA Series

2025-01-16 Update From: SLTechnology News&Howtos shulou


Shulou(Shulou.com)06/01 Report--

Let's analyze the Brute Force module in DVWA. Enter a user name and password in the text boxes on the page. If they are wrong, an error message appears.

The correct password is the same as the DVWA login password, which is password. The page shown after entering it correctly:

Brute force cracking means using software to try passwords one by one, without knowing the password, until the correct one is found.

Let's first select the low level and look at the source code.

With the previous foundation, it is easy to find a SQL injection vulnerability in this code. The problem lies in the following statement:

$qry = "SELECT * FROM `users` WHERE user='$user' AND password='$pass';";

For example, if we enter the user name "admin' or 'a'='a", then no matter what password is entered, the login succeeds. This is the classic password bypass vulnerability.

The principle is simple, and becomes clear once the user name is substituted into the code:

$qry = "SELECT * FROM `users` WHERE user='admin' or 'a'='a' AND password='$pass';";

Because AND binds more tightly than OR, the WHERE clause is evaluated as user='admin' OR ('a'='a' AND password='$pass'). The first condition is already true for the admin row, so the later "AND password='$pass'" password check has no effect at all.
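The same query pattern next to its parameterized form, as an added example that is not DVWA's own code. It assumes Python with an in-memory SQLite table in place of DVWA's PHP and MySQL; the table contents and function names are constructed for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample rows standing in for DVWA's users table.
    # Plaintext passwords are used only to mirror the query shown on the page.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", "password"), ("alice", "s3cret")],
    )
    return db


def login_vulnerable(db, user, pw):
    # Same pattern as the low-level source: input is pasted into the SQL text,
    # so a quote in the user name ends the string literal and adds SQL.
    qry = f"SELECT user FROM users WHERE user='{user}' AND password='{pw}';"
    return [row[0] for row in db.execute(qry)]


def login_parameterized(db, user, pw):
    # Placeholders send the input as data; quotes in it stay part of the value
    # and cannot change the structure of the WHERE clause.
    qry = "SELECT user FROM users WHERE user=? AND password=?;"
    return [row[0] for row in db.execute(qry, (user, pw))]


if __name__ == "__main__":
    db = make_db()
    crafted = "admin' or 'a'='a"  # the user name discussed in the article
    for check in (login_vulnerable, login_parameterized):
        print(check.__name__, "crafted name, wrong password:",
              check(db, crafted, "wrong"))
        print(check.__name__, "real name, real password:",
              check(db, "admin", "password"))
```

With the parameterized query the crafted user name is compared as one literal string, matches no row, and the login is rejected, while the legitimate login still succeeds.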
