How to set up SQLI Lab
Hello everyone, today we’ll be learning how to setup Dhakkan lab (one of the best labs I have seen for practising and understanding SQL INJECTION) in our latest Ubuntu Machine.
A laboratory that offers a complete test environment for those interested in acquiring or improving SQL injection skills. Let’s start. First, we will download SQLI lab inside html directory by the following link-
git clone http://github.com/Rinkish/Sqli_Edited_Version
Once the download is done, we will move sqli labs into the /var/www/html directory and rename it to sqli. Then go inside the sqli directory where we will find /sqli-connections directory. Here we will run ls command to check the files and we can see that here is a file by the name of db-creds.inc
we need to make some changes in the config file by the following command-
cd Sqli_Edited_Version/ ls mv sqlilabs/ ../sqli cd sqli cd sql-connections/ ls nano db-creds.inc
As we can see that username is given root and password is left blank which we need to modify.
Now here we will set the username and password as raj:123 Now save the file and exit.
Now browse this web application from through this URL: localhost/sqli and click on Setup/reset Databases for labs.
Now the sqli lab is ready to use.
Now a page will open up in your browser which is an indication that we can access different kinds of Sqli challenges
Click on lesson 1 and start the Sqli challenge.
Author – Rinkish Khera is a Web Application security consultant who loves competitive coding, hacking and learning new things about technology. Contact Here
can get edited lab
https://github.com/Rinkish/Sqli_Edited_Version
Check out my script for this issue:
https://github.com/hnsoni/SQLi_Lab_Fix.git
This will fix the issue on linux Based system.
i need edited lab
contact article author rinkishkhera01@gmail.com
https://github.com/Rinkish/Sqli_Edited_Version
thanks for it . keep it up . if you have more resources for advanced web pentest then plz send me link or material at lnchandila91@gmail.com plz give some attention
Okay, so i downloaded the edited lab and carried out all commands. Still DB does not load. Anything new or different with kali 2019?
thank you!! thank you so much!!
i got it. 🙂
Okay, I downloaded all the edited lab and followed every command in the tutorial. Still can’t load the DB? Please help me out..!
article updated, please check
[*]……………….Could not connect to DB, check the creds in db-creds.inc:
How to solve this error?
try with your mysql creds
[*]……………….Could not connect to DB, check the creds in db-creds.inc:
amazing lab test from dhakkan.
but edited lab, still have many missing lesson.
imho, i gave up n prefer installed ubuntu 14.04 support php5 in virtualbox in kali linux 2019.
and voilaaa, original sqli dhakkan run smooth.
I’ve been doing the lab on Kali Linux with php7 but when I reached Lesson 26 there’s no way of bypassing the SPACE blacklist filter. If anyone know anything about I’ll appreciate it.
Don’t know whether MariaDB has any patch to avoid it.