By performing a scan against one of our target systems, as we did in Chapter 3, Vulnerability Assessment and Management, we came across one of the very common vulnerabilities, related to MySQL. So, let's go through that one and see if we can exploit it somehow.

We will be using a so called SQL injection attack to perform this task, but first of all we have to be sure that the target machine is really vulnerable. There are two ways to check this: the easy way and the complicated way.

The easy way is to use a straightforward approach to find any of the login pages on the website and try to type ' (single quote) for both username and password parameters.

The long and complicated way is where the webmaster is clever (and most of them are) and hides or randomizes the login page name, where it will difficult to locate and attempt to access it.

In this case, we have to manually try every single page ID by putting a " ' " (single quote) before the ID number...