## https://sploitus.com/exploit?id=2A3C0873-FAD9-537D-BDF2-0AF787CBC62C
# Task 9: SQL Injection Vulnerability Assessment using DVWA
## Objective
The objective of this project is to demonstrate an SQL Injection vulnerability using DVWA (Damn Vulnerable Web Application), explain how the vulnerability works, and discuss methods to mitigate it.
## Tools Used
- Ubuntu Linux (VMware)
- Apache2
- PHP
- MariaDB
- DVWA
- Git
## Project Files
```
OIBSIP_Cybersecurity_Task9/
โโโ README.md
โโโ sql_injection_exploit.sh
โโโ exploit_report.md
โโโ exploit_demo.mp4
โโโ screenshots/
```
## Steps Performed
1. Installed and configured DVWA.
2. Configured the local database.
3. Started Apache and MariaDB.
4. Set the DVWA security level to **Low**.
5. Opened the SQL Injection module.
6. Demonstrated the SQL Injection vulnerability in the controlled DVWA environment.
7. Documented the findings.
8. Discussed mitigation techniques.
## Mitigation
- Validate user input.
- Use prepared statements.
- Apply parameterized queries.
- Limit database privileges.
- Perform regular security testing.
## Disclaimer
This project was completed only in a local DVWA training environment for educational purposes.