Using Hackbar add-on to ease parameter probing
When testing a web application, we will need to interact with the browser's address bar, add and change parameters, and alter the URL. Some server responses will include redirects, reload, and parameter changes; all these alterations make the task of trying different values for the same variable very time consuming; we need some tool to make them less disruptive.
Hackbar is a Firefox add-on that behaves like an address bar but is not affected by redirections or other changes caused by the server's response, which is exactly why we need to begin testing a web application.
In this recipe, we will use Hackbar to easily send multiple versions of the same request.
Getting ready
If you are not using OWASP Mantra, you will have to install the Hackbar add-on to your version of Firefox.
How to do it...
Browse to Damn Vulnerable Web Application (DVWA) and log in. The default user/password combination is:
admin
/admin
.From the menu on the left, select SQL Injection...