The system is located in the /LOCALHOST/ZADACHI/4/ folder on the CD-ROM. It is available at http://localhost/zadachi/4/index.php if the HTTP server is installed.
The system is a news system. It stores news items in a database.
It consists of several files. The INDEX.PHP file displays the news list from the database.
The NEWS.PHP file takes the id parameter and displays the news message corresponding to the identifier.
Goal 1. Find a vulnerability of the SQL source code injection type.
Goal 2. Investigate the query and determine the type and version of the database.
Goal 3. Exploit the vulnerability to obtain the logins and the passwords stored in the passwords table of this database. The structure of this table is as follows.
Passwords

```
mysql> describe passwords ;
+-------+--------------+------+-----+---------+-------+
| Field | Type         | Null | Key | Default | Extra |
+-------+--------------+------+-----+---------+-------+
| id    | int(11)      |      | PRI | 0       |       |
| name  | varchar(255) | YES  |     | NULL    |       |
| pass  | varchar(255) | YES  |     | NULL    |       |
+-------+--------------+------+-----+---------+-------+
3 rows in set (0.00 sec)
```
Goal 4. Exploit the vulnerability to obtain the contents of the NEWS.PHP and INDEX.PHP files.