Getting Meterpreter Shell with Sqlmap | Lucideus

INTRODUCTION
SQL injection (SQLi), listed in the OWASP Top 10, is a serious vulnerability that can allow an attacker to execute malicious code on the target server and obtain a Meterpreter session on the system. In this post we demonstrate this attack and show how it works.

SQLi
SQL Injection (SQLi) refers to an injection attack wherein an attacker can execute malicious SQL statements (also commonly referred to as a malicious payload) that control a web application’s database server (also commonly referred to as a Relational Database Management System – RDBMS). Since an SQL Injection vulnerability could possibly affect any website or web application that makes use of a SQL-based database, the vulnerability is one of the oldest, most prevalent and most dangerous of web application vulnerabilities.

By leveraging an SQL Injection vulnerability, given the right circumstances, an attacker can use it to bypass a web application’s authentication and authorization mechanisms and retrieve the contents of an entire database. SQL Injection can also be used to add, modify and delete records in a database, affecting data integrity.

To such an extent, SQL Injection can provide an attacker with unauthorized access to sensitive data including, customer data, personally identifiable information (PII), trade secrets, intellectual property and other sensitive information.[1]
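The authentication bypass described above, shown as an added example that is not part of the original post: a login check that concatenates user input into the SQL text beside the parameterised version that defends against it. The in-memory SQLite database and the user records are constructed here for illustration.

```python
import sqlite3


def make_db():
    # Constructed sample database for the demonstration (not from the post).
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)"
    )
    conn.execute(
        "INSERT INTO users (username, password) "
        "VALUES ('admin', 'S3cret!'), ('alice', 'wonderland')"
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    # Untrusted input is spliced into the statement text, so the input can
    # change the structure of the query rather than just its values.
    query = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def login_safe(conn, username, password):
    # Parameterised query: the driver binds the input as data, so quotes and
    # SQL keywords in it are never parsed as part of the statement.
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    row = conn.execute(query, (username, password)).fetchone()
    return row[0] if row else None


def demo():
    # Runs both variants with a legitimate login and with the classic
    # tautology payload, and returns which user (if any) each call accepted.
    conn = make_db()
    payload = "' OR '1'='1"
    return {
        "legit_vulnerable": login_vulnerable(conn, "alice", "wonderland"),
        "bypass_vulnerable": login_vulnerable(conn, "nobody", payload),
        "legit_safe": login_safe(conn, "alice", "wonderland"),
        "bypass_safe": login_safe(conn, "nobody", payload),
    }
```

With the concatenated query the payload turns the WHERE clause into a tautology and the first row (here `admin`) is accepted as a valid login; the parameterised query rejects it because the same string is compared literally as a password.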

SQLMAP
Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches ranging from database fingerprinting, through fetching data from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.[2]

METERPRETER
Meterpreter is an advanced, dynamically extensible payload that uses in-memory DLL injection stagers and is extended over the network at runtime. It communicates over the stager socket and provides a comprehensive client-side Ruby API. It features command history, tab completion, channels, and more.[3]

LAB ENVIRONMENT
Attacker’s Machine : Kali Linux 18.1 (sqlmap & msfconsole)
Victim’s Machine : Windows 8.1 PRO x64 (DVWA running on XAMPP)

EXPLOITATION
