Skip to content

Latest commit

 

History

History
43 lines (31 loc) · 992 Bytes

README.md

File metadata and controls

43 lines (31 loc) · 992 Bytes

SQLi-labs

In this repository, I have published the write-ups for all the levels in SQLi-labs.

About

SQLi-Labs is a platform to learn SQLI Vulnerabilities.

Following labs are covered for GET and POST scenarios:

  1. Error Based Injections (Union Select)

    • String
    • Integer
  2. Error Based Injections (Double Injection Based)

  3. BLIND Injections:

    • Boolean Based
    • Time Based
  4. Update Query Injection.

  5. Insert Query Injections.

  6. Header Injections.

    • Referer based.
    • UserAgent based.
    • Cookie based.
  7. Second Order Injections

  8. Bypassing WAF

    • Bypassing
      • Blacklist filters
      • Stripping comments
      • Stripping OR & AND
      • Stripping SPACES and COMMENTS
      • Stripping UNION & SELECT
    • Impidence mismatch
  9. Bypass addslashes()

  10. Bypassing mysql_real_escape_string. (under special conditions)

  11. Stacked SQL injections.

  12. Secondary channel extraction