sqli-labs
一、环境搭建
sqli-labs是一个SQL注入测试平台,这里不用太过复杂的配置,直接使用 docker 来搭建。
1、查找docker环境
ubuntu# docker search sqli-labs
NAME DESCRIPTION STARS OFFICIAL
acgpiano/sqli-labs sql injection labs 9
c0ny1/sqli-labs sqli-labs是一个sql注入的练习靶机,项目地址为… 2
sari3l/sqli-labs-safedog Base: sqli-labs & safedog(version Linux64_2.… 1
promiseit/sqli-labs 1
0bajie0/sqli-labs 1
tinmin/sqli-labs 0
area39/sqli-labs sql inject 0
hl0rey/sqli-labs 0
sari3l/sqli-labs Base: Debian-Wheey + Mysql 5.5 + PHP 5 0
sari3l/sqli-labs-yunsuo Base: sqli-labs & yunsuo(version Linux_3.0.6… 0
fengbj/sqli-labs lamp+sqli-labs please down 2.0 0
xuanxuan3000/sqli-labs 0
aqyoung/sqli-labs 0
baohs/sqli-labs-cenos 0
mendickxiao/sqli-labs sqli-labs based on ubuntu 0
r0ulier/sqli-labs sqlInjection 0 2、拉取环境镜像
ubuntu# docker pull acgpiano/sqli-labs
Using default tag: latest
latest: Pulling from acgpiano/sqli-labs
10e38e0bc63a: Pull complete
0ae7230b55bc: Pull complete
fd1884d29eba: Pull complete
4f4fb700ef54: Pull complete
2a1b74a434c3: Pull complete
fb846398c5b7: Pull complete
9b56a3aae7bc: Pull complete
1dca99172123: Pull complete
1a57c2088e59: Pull complete
b3f593c73141: Pull complete
d6ab91bda113: Pull complete
d18c99b32885: Pull complete
b2e4d0e62d16: Pull complete
91b5c99fef87: Pull complete
bf0fd25b73be: Pull complete
b2824e2cd9b8: Pull complete
97179df0aa33: Pull complete
Digest: sha256:d3cd6c1824886bab4de6c5cb0b64024888eeb601fe18c7284639db2ebe9f8791
Status: Downloaded newer image for acgpiano/sqli-labs:latest3、运行环境
ubuntu# docker run -d -t -p 8004:80 --name sqli acgpiano/sqli-labs:latest
8a4d4d807fda1111af05e9ab5681394230a41f3b7e46ca2a8127e1a2b8ecfba54、配置环境
5、验证配置
二、通关攻略
Less-1 Error Based–Single quotes
这里根据题目已知是单引号的注入了,但是还是测试一下,尽可能多的获取一些信息。
