Skip to content

breakthenet/HackMe-SQL-Injection-Challenges

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
css
 
 
 
 
js
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

SQL Injection Challenges

These challenges are set in a Text-Based 'MM'ORPG Game based off Mccode Lite Game Engine (GPL)

Deploy to your own Heroku instance with this button below, then complete the challenges!

Deploy

Challenges:

Challenge 1: Basic SQL Injection, modifying a query to behave other than intended.

Challenge 2: Taking it a step further and exploring subquery usage in SQL Injection

Challenge 3: Using subquery on different table to extract admin login credentials

Challenge 4: Exploring how to bypass some types of input filtering by obsfucation

Challenge 5: Exploring additional non-standard forms of user-input to achieve sql-injection

Challenge 6: Automating much of the process with existing tools, as well as seeing what's possible when a sql injection is uncovered.


Note that useful information for testing and debugging will be logged to the Papertrail app in your heroku instance. Open papertrail to view those streaming logs.

About

Pen test your "friend's" online MMORPG game - specific focus, sql injection opportunities

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages