2019-06-13 07:20:05 +02:00
|
|
|
For this tutorial you will need the following tools
|
2019-06-13 07:15:28 +02:00
|
|
|
* Browser (Prefarably Mozilla)
|
|
|
|
* Burpsuite
|
|
|
|
* SQLMap
|
2019-06-13 07:05:40 +02:00
|
|
|
|
2019-06-13 07:21:17 +02:00
|
|
|
1. Try and login using the following credentials:<b/>
|
|
|
|
|
2019-06-13 07:20:05 +02:00
|
|
|
| Field | Value |
|
|
|
|
| --------- |:--------:|
|
|
|
|
| USERNAME | admin |
|
|
|
|
| PASSWORD | admin |
|
|
|
|
|
|
|
|
RESULTS: The webpage will display your username and no content
|
2019-06-13 07:21:17 +02:00
|
|
|
STEP 1:
|
2019-06-13 07:15:28 +02:00
|
|
|
![alt text](https://github.com/ACIC-Africa/metasploitable3/blob/master/images/payroll_app/step-1.png "STEP 1")
|
2019-06-13 07:21:17 +02:00
|
|
|
RESULTS:
|
2019-06-13 07:20:05 +02:00
|
|
|
![alt text](https://github.com/ACIC-Africa/metasploitable3/blob/master/images/payroll_app/result-1.png "Result 1")
|
2019-06-13 07:05:40 +02:00
|
|
|
1. Try and login using the following credentials:
|
2019-06-13 07:20:05 +02:00
|
|
|
| Field | Value |
|
|
|
|
| --------- |:--------:|
|
|
|
|
| USERNAME | ' |
|
|
|
|
| PASSWORD | admin |
|
|
|
|
|
|
|
|
RESULTS: The webpage will be blank
|
|
|
|
Inline-style:
|
|
|
|
![alt text](https://github.com/ACIC-Africa/metasploitable3/blob/master/images/payroll_app/step-2.png "STEP 2")
|