Hello everyone, today we’ll be learning how to setup Dhakkan lab (one of the best labs I have seen for practising and understanding SQL INJECTION) in our latest Ubuntu Machine.

A laboratory that offers a complete test environment for those interested in acquiring or improving SQL injection skills. Let’s start. First, we will download SQLI lab inside html directory by the following link-

git clone http://github.com/Rinkish/Sqli_Edited_Version

Once the download is done, we will move sqli labs into the /var/www/html directory and rename it to sqli. Then go inside the sqli directory where we will find /sqli-connections directory. Here we will run ls command to check the files and we can see that here is a file by the name of db-creds.inc

we need to make some changes in the config file by the following command-

cd Sqli_Edited_Version/
ls
mv sqlilabs/ ../sqli
cd sqli
cd sql-connections/
ls
nano db-creds.inc

As we can see that username is given root and password is left blank which we need to modify.

Now here we will set the username and password as raj:123 Now save the file and exit.

Then, browse this web application from through this URL: localhost/sqli and click on Setup/reset Databases for labs.

Now the sqli lab is ready to use.

Then, a page will open up in your browser which is an indication that we can access different kinds of Sqli challenges

Finally, Click on lesson 1 and start the Sqli challenge.

To learn more about Database Hacking. Follow this Link.

Author – Rinkish Khera is a Web Application security consultant who loves competitive coding, hacking and learning new things about technology. Contact Here

Related posts:

PowerShell for Pentester: Windows Reverse Shell A Detailed Guide on Log4J Penetration Testing