Skip to content
master
Go to file
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
css
 
 
 
 
js
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

SQL Injection Challenges

These challenges are set in a Text-Based 'MM'ORPG Game based off Mccode Lite Game Engine (GPL)

Deploy to your own Heroku instance with this button below, then complete the challenges!

Deploy

Challenges:

Challenge 1: Basic SQL Injection, modifying a query to behave other than intended.

Challenge 2: Taking it a step further and exploring subquery usage in SQL Injection

Challenge 3: Using subquery on different table to extract admin login credentials

Challenge 4: Exploring how to bypass some types of input filtering by obsfucation

Challenge 5: Exploring additional non-standard forms of user-input to achieve sql-injection

Challenge 6: Automating much of the process with existing tools, as well as seeing what's possible when a sql injection is uncovered.


Note that useful information for testing and debugging will be logged to the Papertrail app in your heroku instance. Open papertrail to view those streaming logs.

About

Pen test your "friend's" online MMORPG game - specific focus, sql injection opportunities

Resources

Releases

No releases published

Packages

No packages published

Languages

You can’t perform that action at this time.