An SQL injection playground, from basic to advanced

Will you solve all the levels ?

• Clone the repo
• ./build.sh
• firefox http://172.16.0.2
• Start hacking !

Tip: add it to your hosts file : echo '172.16.0.2 sqli.lab' >> /etc/hosts && firefox http://sqli.lab 😃

The goal of this lab is to train like a hacker not a script kiddie

• No automated tools (like SQLmap, dirb...)
• Only hand-crafted payloads or home-made scripts

It's recommended to not read the source code. If you are stuck : Inspect element for (big) nudges.

I will not provide any solution in this repo, instead I will make a blog post on my website to explain step by step all the levels. You are free to write public solutions on your own blog.