pushpenderindia / sqliweb Goto Github PK

View Code? Open in Web Editor NEW

20.0 1.0 8.0 478 KB

Lab Website For Practicing Different Types of SQL Injection Vulnerabilities

PHP 69.87% CSS 29.98% JavaScript 0.15%

blind-boolean-sqli blind-time-sqli double-query-sqli error-based-sqli time-based-sqli union-sqli

sqliweb's Introduction

SQLi Web

Website Containing Different Types of SQL Injection Vulnerabilities

Lab Preview

Lab Challenges

Different Types of SQLi Vulnerabilities Covered

Error Based
Union Based
Double Query Based
Blind Boolean Based
Blind Time Based
Time Based

Injection Point of Vulnerabilities

GET Based Parameter
POST Based Parameter
Header Based Parameter
Cookies Based Parameter

Lab Setup Instructions

Type sudo mysql -u root
Enter this command mysql shell: grant all privileges on *.* to root@localhost identified by '' with grant option;
Type \q or quit to exit mysql shell

Copy & Paste the Command in your linux System

sudo git clone https://github.com/PushpenderIndia/SQLiWeb && sudo mv SQLiWeb/sqli_challenges /var/www/html && sudo rm -r SQLiWeb && sudo service apache2 start && sudo service mysql start && firefox http://127.0.0.1/sqli_challenges/php/db/setup.php &

If you have changed the MYSQL Credentials, You will get error in your browser, after running above command Follow below instructions for updating mysql creds

Update MySQL Credentials in db_config.php file, present in /var/www/html/sqli_challenges/php/db/

<?php

// Update MySQL DB Credentials
$dbuser  = "root";
$dbpass  = "";

...
...

?>

By Default db_creds.php will have MYSQL Username: root & Password: "" (No Password)
Run this command to setup Database: firefox http://127.0.0.1/sqli_challenges/php/db/setup.php & or simply visit http://127.0.0.1/sqli_challenges/php/db/setup.php using web browser.
After Setting up the website, it will redirect you to http://127.0.0.1/sqli_challenges/index.php
Then whenever you want to start website, just run this command:

sudo service apache2 start && sudo service mysql start && firefox http://127.0.0.1/sqli_challenges/index.php &

Writeups

User-Agent Header Based - Blind SQLi in Sony: SQLi To RCE

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.

Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

TensorFlow

An Open Source Machine Learning Framework for Everyone

Django

The Web framework for perfectionists with deadlines.

Laravel

A PHP framework for web artisans

D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

web

Some thing interesting about web. New door for the world.

server

A server is a program made to process requests and deliver data to clients.

Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

Visualization

Some thing interesting about visualization, use data art

Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.

Microsoft

Open source projects and samples from Microsoft.

Google

Google ❤️ Open Source for everyone.

Alibaba

Alibaba Open Source for everyone

D3

Data-Driven Documents codes.

Tencent

China tencent open source team.