
SQL Injection (SQLi) is one of the most dangerous vulnerabilities in web applications: it lets attackers manipulate databases, extract sensitive data, and sometimes even gain remote access. This cheat sheet focuses on real-world SQLi exploitation, with hands-on examples, bypassing security filters, and the use of tools such as Burp Suite and SQLMap.
Before executing SQL injection attacks, it is essential to set up a safe environment:
Damn Vulnerable Web App (DVWA)
DVWA is an intentionally vulnerable web app that is perfect for testing SQL injection and other common vulnerabilities.
bWAPP (Buggy Web Application)
bWAPP is also a vulnerable web app, useful for testing SQL injection, Cross-Site Scripting (XSS), and other vulnerabilities.
HackTheBox or TryHackMe Labs
If you want practice in a real-world environment, you can solve SQL injection and web application security challenges on the HackTheBox and TryHackMe platforms.
Burp Suite (for manual exploitation)
Burp Suite is a powerful tool that supports a manual approach to web application security testing and SQL injection exploitation.
SQLMap (for automated attacks)
SQLMap is an automated tool used to detect and exploit SQL injection vulnerabilities, and it saves you a lot of time.
A Vulnerable Web Application
To practice, you need a vulnerable web application such as DVWA or bWAPP, where you can safely execute SQLi attacks.
Manual Testing with Basic Payloads
Login Form Test
First, test basic SQL injection payloads in the login form. Try:
admin' OR '1'='1' --
If you get access without the correct password, the application is vulnerable.
Error-Based Testing
If the application throws an error, the input field may be vulnerable. Try:
' OR 1=1 --
" OR 1=1 --
' OR 'a'='a' --
If you get a syntax error or an unclosed quotation error, SQL injection may be possible.
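Why the login test and the error test behave this way, and what the fix looks like, shown as an added example that is not part of the original cheat sheet. It uses Python's built-in sqlite3 as a stand-in for the lab application's database; the table, the function names and the sample credentials are all constructed for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample data; plaintext password only to keep the demo short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 'constructed-pass')")
    return db

def login_vulnerable(db, username, password):
    # Vulnerable: user input becomes part of the SQL text itself, so a quote
    # in the input ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT username FROM users WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return db.execute(sql).fetchone() is not None

def login_safe(db, username, password):
    # Hardened: placeholders keep input as data, never as SQL syntax.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone() is not None

def probe(login, db, username, password):
    # Classify the outcome the way a tester would observe it from outside.
    try:
        return "granted" if login(db, username, password) else "denied"
    except sqlite3.Error:
        return "sql-error"

if __name__ == "__main__":
    db = make_db()
    cases = [
        ("admin", "constructed-pass"),        # legitimate login
        ("admin' OR '1'='1' --", "wrong"),    # login form test from the text
        ("'", "wrong"),                       # unbalanced quote (constructed)
    ]
    for user, pw in cases:
        print(repr(user),
              "vulnerable:", probe(login_vulnerable, db, user, pw),
              "safe:", probe(login_safe, db, user, pw))
```

With the parameterized version, the same inputs are compared as literal usernames, so neither the bypass nor the syntax error occurs.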
Using Burp Suite to Intercept Requests
Enabling the Burp Suite Proxy
Enable Burp Suite's Proxy and intercept the login request.
Modifying the Username Field
Modify the username field and enter admin'--.