breakthenet/HackMe-SQL-Injection-Challenges breakthenet/HackMe-SQL-Injection-Challenges

  • Stars
    star
    413
  • Rank 104,502 (Top 3 %)
  • Language
    PHP
  • Created over 8 years ago
  • Updated over 8 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
breakthenet/HackMe-SQL-Injection-Challenges
github

breakthenet

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Pen test your "friend's" online MMORPG game - specific focus, sql injection opportunities

SQL Injection Challenges

These challenges are set in a Text-Based 'MM'ORPG Game based off Mccode Lite Game Engine (GPL)

Deploy to your own Heroku instance with this button below, then complete the challenges!

Deploy

Challenges:

Challenge 1: Basic SQL Injection, modifying a query to behave other than intended.

Challenge 2: Taking it a step further and exploring subquery usage in SQL Injection

Challenge 3: Using subquery on different table to extract admin login credentials

Challenge 4: Exploring how to bypass some types of input filtering by obsfucation

Challenge 5: Exploring additional non-standard forms of user-input to achieve sql-injection

Challenge 6: Automating much of the process with existing tools, as well as seeing what's possible when a sql injection is uncovered.

Note that useful information for testing and debugging will be logged to the Papertrail app in your heroku instance. Open papertrail to view those streaming logs.

More Repositories

1

HackMe-File-Upload-Challenges

Hack your friend's online MMORPG game - specific focus, php file upload scripts
PHP
101
star
2

HackMe-Social-Engineering-Challenges

Help a buddy prank his colleagues! Show your mettle with spoofing emails, malicious attachments, spoofing sms, and spoofing phone calls to get access to voicemail
Python
93
star
3

HackMe-XSS-CSRF-Challenges

Hack your friend's online MMORPG game - specific focus, csrf/xss attacks
PHP
89
star
4

Tools-and-Techniques

A repository of knowledge accumulated that may help in the other BTN challenge repos
13
star
5

CTF-XSS

XSS cookie stealing challenge - single button deploy, just set your custom CTF Flag in the setup process!
PHP
7
star
6

CTF-Wordpress-Metasploit

PHP
2
star
7

CTF-SQL-Injection-AuthCode

SQL Injection bypass auth code challenge - single button deploy, just set your custom CTF Flag in the setup process!
HTML
2
star
8

CTF-SQL-Injection-Login

SQL Injection login as admin challenge - single button deploy, just set your custom CTF Flag in the setup process!
HTML
2
star
9

CTF-SQL-Truncation

SQL Truncation challenge - single button deploy, just set your custom CTF Flag in the setup process!
PHP
1
star