SQLi Labs Setup

A free video tutorial from Jesse Kurrus, M.S., OSCP, CEH, Security+, Linux+, Network+, CISSP
Senior Penetration Tester and Technical Trainer
Rating: 4.5 out of 5Instructor rating
7 courses
47,201 students
SQLi Labs Setup

Lecture description

In this lab we’re going to download and configure SQLi Labs, which is hands down one of my favorites. SQLi Labs was created by a security researcher named Audi-1. SQLi Labs is a collection of PHP files and a script to populate several MySQL databases. The purpose of these labs is to hone your SQL injection skills both manually and automatically. 

Learn more from the full course

Kali Linux Web App Pentesting Labs

Learn how to hack web applications with a real cybersecurity professional!

03:38:04 of on-demand video • Updated April 2020

Build your own penetration testing lab environment
Discover vulnerabilities in web applications automatically and manually
Escalate privileges within Linux
Local and remote buffer overflow
SQL Injection
Cross Site Scripting
Exploitation of various web-based vulnerabilities
English [Auto]
Now we're going to download and configure Escuela Labs, which is hands down, one of my favorites, Scribbly Labs, is created by a security researcher named Audy One and is a collection of files and a script to populate a miniscule database. The purpose of these labs is to hone your skill injection skills both manually and automatically. We'll dig into these in more depth later. But for now, let's focus on getting it set up. All of the commands in this video are attached to this lab in a text file. First, we need to download the school labs remake for seven, since that's what the Khaleel in twenty eighteen PVM has at the time of this recording. So go to this GitHub link that will also be included with this lab as an attachment. Click Klown or download. Download Zipp. Save file. Open up a terminal, change directories to the downloads folder. Unzip. It's. Now recursively copy the folder into the Webroot. So Sepi Hyphen are the name of the folder for schoolie labs, for bar, for slash or slash HTML. Now we're going to create a new user in my school. We're doing this because the default route user will not populate the database as expected with the Escuela lab script. So first we'll start the service service MySQL start. Now we're going to log into MySQL as a user, MySQL hyphen you, group hyphen P type in the password by default, it's T, o, r and lowercase. Now, use my skill to start using my skill. I'm going to paste a command to add a user name, Jesse, with a password of password. So you can change Jesse to whatever you want and password to whatever you want when you create your user. Enter. Now, restart the my school service service, my school restart. Now we're going to make some configuration changes to Escuela Labs, so let's go to the W w w h tml school labs M. and Eskil hyphen Connexions. We want to modify the Gbps creds file, so I'm that would be EB Crowdsourced Inc think we need to change the user from the default route and no password to the user name and password we just created. In my case, it's jessee and password. Save that. Now, do service, Maisky will restart. Service Apache, to start this is to start the Apache service so we can access it through a Web browser. Open up a browser, go to localhost Escuela, hyphen labs, hyphen seven, hyphen M.. Now click up, set up reset database for labs. If your output looks like mine, it's good to go make sure that there's no errors. Now we need to set up my school walking as we want to capture my school logs for analysis of what's occurring on the back end as a result of our school injections on the front end, knowledge of how this works is important to understand. So I am in the ETSI my school Maria Debe directory. The file that we need to modify is the 50 hyphen server CNF file. The two lines are right here, general log file. I'm going to leave it as default and general log, all I'm doing is on commenting these two lines, saving and restarting the MySQL service service, civil restart. It's a. Now we need to make sure that logging is working properly to do this, we need to execute a minuscule query. So the longest populated. Go to school labs. Quick Escuela Labs page one for basic challenges. We'll be using lesson one for this, please, input and ID as parameter with the numeric value, so questionmark ID equals one that should execute a query in the back end to make sure that we have the log as expected to KDDI. VAR log MySQL if the file is MySQL, dot log. So tail MySQL that log to get the end of the file. Good. We have select all from users where ID equals one. That's the MySQL query that was executed as a result of our entry in the front end. So as you can see, everything is working properly and we're all done with the school lab setup. If you encounter any issues, please replay this video and make sure everything is configured properly. It's very easy to make a simple mistake during this configuration. We'll tackle these labs and following lectures, but for now, let's continue our setup.