Persecure : my learning archive

DVWA SQL Injection

Head to the SQL Injection section in the DVWA

Check for the database with a ‘

Enter User ID as 1 to see how the database work.

Send the request to burpsuite.

Clear the payload and add the id= input.

I use the SQL payload list from here

Observe the payload with the different payload length.

Try out the successful payloads.

Users found

Create a website or blog at WordPress.com