An SQL injection playground, from basic to advanced
Will you solve all the levels?
- Clone the repo
./build.sh
firefox https://172.16.0.2
- Start hacking!
Tip: add it to your hosts file:
echo '172.16.0.2 sqli.lab' >> /etc/hosts && firefox https://sqli.lab
😃
The goal of this lab is to train like a hacker not a script kiddie
- No automated tools (like SQLmap, dirb...)
- Only hand-crafted payloads or home-made scripts
It's recommended to not read the source code. If you are stuck: Inspect element
for (big) nudges.
I will not provide any solution in this repo, instead I will make a blog post on my website to explain step by step all the levels. You are free to write public solutions on your own blog.