Starting off, I downloaded the WebGoat docker image from GitHub to my Kali Linux VM. In Kali I navigated to https://github.com/WebGoat/WebGoat. Then, in the terminal, I ran the command: docker run -it -p 127.0.0.1:80:8888 -p 127.0.0.1:8080:8080 -p 127.0.0.1:9090:9090 -e TZ=Europe/Amsterdam webgoat/goatandwolf:v8.2.2. This took a few minutes to download in the terminal, and once the download completed I simply navigated to http://localhost:8080/WebGoat, where a login page appeared and I registered as a new user.

Structured Query Language (SQL) Injection
This is my first time using WebGoat to practice SQL injection techniques, so I will start from the beginning with A1 SQL Injection Intro and work through some of the exercises. The first challenge is to retrieve the department of employee Bob Franco. I will do just that, starting off with SELECT * FROM EMPLOYEES WHERE USERID=96134. This tells the database to give me every column of the employee row whose user ID is 96134.
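The first challenge's lookup, rebuilt as an added example (my own code, not WebGoat's) against a constructed EMPLOYEES table in SQLite: the lesson's query assembled by string concatenation sits beside a parameterized version, which shows why binding the ID makes the database treat it purely as data. Only the two user IDs mentioned in this write-up come from the lesson; the other rows and the column names are made up.

```python
import sqlite3

# Constructed sample rows standing in for the WebGoat lesson's EMPLOYEES
# table; only the two user IDs named in the write-up are taken from it.
SAMPLE_EMPLOYEES = [
    (96134, "Bob", "Franco", "Marketing"),
    (89762, "Tobi", "Barnett", "Development"),
    (34477, "Abraham", "Holman", "Development"),
]


def make_db():
    """Build an in-memory database holding the constructed EMPLOYEES table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE EMPLOYEES "
        "(USERID INTEGER, FIRST_NAME TEXT, LAST_NAME TEXT, DEPARTMENT TEXT)"
    )
    conn.executemany("INSERT INTO EMPLOYEES VALUES (?, ?, ?, ?)", SAMPLE_EMPLOYEES)
    return conn


def lookup_concatenated(conn, user_id):
    """The lesson's query, built by pasting user_id into the SQL text.

    Whatever the caller passes becomes part of the statement, so a value
    that contains SQL syntax changes the query instead of being compared.
    """
    query = "SELECT * FROM EMPLOYEES WHERE USERID=" + str(user_id)
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, user_id):
    """Same lookup with a bound parameter: the value travels separately
    from the SQL text and is only ever compared against USERID as data."""
    return conn.execute(
        "SELECT * FROM EMPLOYEES WHERE USERID=?", (user_id,)
    ).fetchall()


def department_of(conn, user_id):
    """Answer the first challenge safely: validate the ID as an integer at
    the boundary, then bind it. Returns None when no such employee exists."""
    uid = int(user_id)  # raises ValueError for anything that is not a whole number
    row = conn.execute(
        "SELECT DEPARTMENT FROM EMPLOYEES WHERE USERID=?", (uid,)
    ).fetchone()
    return row[0] if row else None
```

Run against the constructed table, the concatenated version returns every row for an ID string that carries SQL syntax, while the parameterized version returns nothing for the same string and the lesson's single row for the plain integer.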

Data Manipulation Language (DML)
Moving right along, the next challenge asks for the use of data manipulation language to change the data in the database. This is a pretty cool challenge because doing this messes with the integrity of the data. For this challenge I entered UPDATE EMPLOYEES SET department='Sales' WHERE USERID=89762, and the table changes the user's department from Development to Sales, thus affecting the integrity of the data.

Data Definition Language (DDL)
The challenge on the fourth page asks for the employees table to be altered to add a phone column. This is done with the statement ALTER TABLE employees ADD phone varchar(20).

Data Control Language (DCL)
Here the challenge is to grant privileges to an unauthorized user. This can be done with the statement grant select on grant_rights to unauthorized_user. This one is a bit confusing to me and not quite as straightforward as the others, but the statement does make some sense after using the hints to solve the challenge. It seems like the "grant select on" part of the statement enables granting a user the rights, and the "to unauthorized_user" part tells the statement which user to grant the rights to.

That is all for me for now, but so far so good, and I think WebGoat is a valuable free resource for beginners to learn hands-on hacking techniques. I will definitely be jumping back on WebGoat again in the near future to finish up the other SQL Injection Intro challenges. I will either update this post with the rest of the challenges or create another post.
Thank you for stopping by!
-Zer0rigin