Skip to content
/ sqli-testbed Public

SQL injection testbed designed for sqlmap practice (MySQL backend)

License

MIT license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hvqzao/sqli-testbed

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
.htaccess
.htaccess
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
index.php
index.php
 
 

Repository files navigation

sqli-testbed

SQL injection testbed designed for sqlmap practice (MySQL backend)

Usage

  1. Clone repository:
cd /var/www/html ; git clone https://github.com/hvqzao/sqli-testbed sqli
  1. Change password:
newpass=`apg -M NCL -m 12 -n 1` ; echo -e "New password: $newpass\nPress Enter to proceed, ^C to cancel." ; read ; sed -i "s/zoacUtOvee/$newpass/g" index.php

  1. Setup MySQL (commands included in index.php)

  2. Configure "Setup", "Drop" and "Filter" sections (uncomment appropriate entries in index.php)

  3. Goal: Dump table with user passwords

Union based: http://127.0.0.1/sqli/?u=1

Boolean based: http://127.0.0.1/sqli/?b=1

Example use: https://www.youtube.com/watch?v=KSiS5c83-y0

License

MIT License

About

SQL injection testbed designed for sqlmap practice (MySQL backend)

Topics

intentionally-vulnerable sqlmap-practice

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages