Analysis of SQLMAP Efficacy in Exploiting SQL Injection Vulnerabilities in Web Applications: A Case Study on DVWA


Research field: Databases



Conference: 2023 International Conference on Engineering Applied and Nano Sciences (ICEANS)


Abstract

Nowadays, web applications are an essential part of our lives. The vulnerabilities in these applications enable hackers to gain access to confidential information. The most common attack technique is known as SQL injection. SQL injection attacks pose a serious security threat to web applications. These attacks allow attackers to exploit vulnerabilities in the application's backend, which can lead to unauthorized access to sensitive data as well as system compromise. There are various types of SQL injection attacks, which might be difficult to detect. In order to identify and mitigate SQL injection vulnerabilities, manual and automatic testing tools are used. One of the popular automatic tools is SQLMAP, which is used to scan web applications for SQL injection vulnerabilities and exploit these vulnerabilities as well. In this paper, we conducted an experiment to test the effectiveness of SQLMAP in exploiting SQL injection vulnerabilities. The results of the experiment demonstrated that SQLMAP successfully exploited the vulnerabilities in the targeted website. Hence, the experiment proved the efficiency of the SQLMAP tool. Furthermore, the paper emphasizes the importance of implementing proper security measures to prevent SQL injection vulnerabilities.


Authors

Hilmi S. Abdullah
Amedi Technical Institute, Duhok Polytechnic University, Duhok, Iraq

Zana O. Hamad
Dukan Technical Institute, Sulaimani Polytechnic University, Sulaymaniyah, Iraq

Omed S. Khalind
College of Engineering, Salahaddin University-Erbil, Erbil, Iraq

Paper information

Publication year: 2023
Citations: 228
Country of publication: Iraq
Site: IEEE