Share
## https://sploitus.com/exploit?id=2A3C0873-FAD9-537D-BDF2-0AF787CBC62C
# Task 9: SQL Injection Vulnerability Assessment using DVWA

## Objective

The objective of this project is to demonstrate an SQL Injection vulnerability using DVWA (Damn Vulnerable Web Application), explain how the vulnerability works, and discuss methods to mitigate it.

## Tools Used

- Ubuntu Linux (VMware)
- Apache2
- PHP
- MariaDB
- DVWA
- Git

## Project Files

```
OIBSIP_Cybersecurity_Task9/
โ”‚โ”€โ”€ README.md
โ”‚โ”€โ”€ sql_injection_exploit.sh
โ”‚โ”€โ”€ exploit_report.md
โ”‚โ”€โ”€ exploit_demo.mp4
โ””โ”€โ”€ screenshots/
```

## Steps Performed

1. Installed and configured DVWA.
2. Configured the local database.
3. Started Apache and MariaDB.
4. Set the DVWA security level to **Low**.
5. Opened the SQL Injection module.
6. Demonstrated the SQL Injection vulnerability in the controlled DVWA environment.
7. Documented the findings.
8. Discussed mitigation techniques.

## Mitigation

- Validate user input.
- Use prepared statements.
- Apply parameterized queries.
- Limit database privileges.
- Perform regular security testing.

## Disclaimer

This project was completed only in a local DVWA training environment for educational purposes.