how to use SQL injection

1. open your mantra as browser and brupsuite
2. type localhost, and enter..
3. your login and then your choose tab SQL Injection, type random in the box, then click submit.
4. in url address, your copy..

5. open tool sqlmap in backtrack , type "./sqlmap.py -u http "target" --cookie "cookie target" --dbs --D dvwa, this result..
you can have cookie with drupsuite in tab proxy

6. have 4 database on active, we will see tables in active on database

7. after then, we will users and password in table users