Subscribe to Blog via Email

Categories

Archives

Database Hacking, Penetration Testing, Website Hacking

How to set up SQLI Lab

Hello everyone, today we’ll be learning how to setup Dhakkan lab (one of the best labs I have seen for practising and understanding SQL INJECTION) in our latest Ubuntu Machine.

A laboratory that offers a complete test environment for those interested in acquiring or improving SQL injection skills. Let’s start. First, we will download SQLI lab inside html directory by the following link-

Once the download is done, we will move sqli labs into the /var/www/html directory and rename it to sqli. Then go inside the sqli directory where we will find /sqli-connections directory. Here we will run ls command to check the files and we can see that here is a file by the name of db-creds.inc

we need to make some changes in the config file by the following command-

As we can see that username is given root and password is left blank which we need to modify.

Now here we will set the username and password as raj:123 Now save the file and exit.

Now browse this web application from through this URL: localhost/sqli and click on Setup/reset Databases for labs.

Now the sqli lab is ready to use.

Now a page will open up in your browser which is an indication that we can access different kinds of Sqli challenges

Click on lesson 1 and start the Sqli challenge.

Author – Rinkish Khera is a Web Application security consultant who loves competitive coding, hacking and learning new things about technology. Contact Here

16 thoughts on “How to set up SQLI Lab

  1. I’ve been doing the lab on Kali Linux with php7 but when I reached Lesson 26 there’s no way of bypassing the SPACE blacklist filter. If anyone know anything about I’ll appreciate it.

    Don’t know whether MariaDB has any patch to avoid it.

Leave a Reply

Your email address will not be published. Required fields are marked *