SQL Injection Challenges
These challenges are set in a Text-Based 'MM'ORPG Game based off Mccode Lite Game Engine (GPL)
Deploy to your own Heroku instance with this button below, then complete the challenges!
Challenge 1: Basic SQL Injection, modifying a query to behave other than intended.
Challenge 2: Taking it a step further and exploring subquery usage in SQL Injection
Challenge 3: Using subquery on different table to extract admin login credentials
Challenge 4: Exploring how to bypass some types of input filtering by obsfucation
Challenge 5: Exploring additional non-standard forms of user-input to achieve sql-injection
Challenge 6: Automating much of the process with existing tools, as well as seeing what's possible when a sql injection is uncovered.
Note that useful information for testing and debugging will be logged to the Papertrail app in your heroku instance. Open papertrail to view those streaming logs.