Lab 3: SQLi Labs

CodeName: What's your browser?

The SQL Injection labs contain 10 challenges:

  1. Warm-up: SQLi level 1
  2. Easy: SQLi level 2
  3. Easy: SQLi level 3
  4. Medium: SQLi level 4
  5. Medium: SQLi level 5
  6. Hard: SQLi level 6
  7. Hard: SQLi level 7
  8. Medium: SQLi level 8
  9. Medium: SQLi level 9
  10. Hard: SQLi level 10

Description

You are a pentester, and "Web statistics" hired you to pentest their browser statistics application. The application stores information about visiting browsers in a DB.

Each level escapes inputs incorrectly, and you have to bypass some server-side PHP/MySQL filters.
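An added illustration, not the lab's own code, of what an incorrectly escaped input looks like in a PHP/MySQL logging path such as this application's, using the User-Agent header that level 9 is tested through (see the sqlmap note below); the table, columns, credentials and the home-made filter are assumptions.

```php
<?php
declare(strict_types=1);

// Fragile pattern: a hand-written filter followed by string concatenation.
// The filter only knows about one quote character in one encoding; anything
// it did not anticipate reaches the SQL text unchanged, which is exactly the
// "wrongly escaped input" each level of this lab is built around.
function stripQuotes(string $value): string      // assumed home-made filter
{
    return str_replace("'", '', $value);
}

function logVisitFragile(mysqli $db, string $userAgent): bool
{
    $filtered = stripQuotes($userAgent);
    $sql = "INSERT INTO visits (user_agent) VALUES ('" . $filtered . "')";
    return $db->query($sql) === true;
}

// Hardened pattern: the value never becomes part of the SQL text. It is sent
// as a typed parameter, so quotes, comment sequences and encoding tricks are
// stored as plain data instead of being parsed as SQL.
function logVisitSafe(mysqli $db, string $userAgent): bool
{
    $stmt = $db->prepare('INSERT INTO visits (user_agent) VALUES (?)');
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('s', $userAgent);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// The User-Agent header is attacker-controlled like any other request input.
// Credentials and the length limit (assumed column size) are placeholders.
$ua = $_SERVER['HTTP_USER_AGENT'] ?? '';
$db = new mysqli('localhost', 'stats_user', 'CHANGE_ME', 'stats');
logVisitSafe($db, mb_substr($ua, 0, 255));
```

Detection on the defender's side is the same for either version: log the raw header and alert on SQL syntax or unusual encodings in it, since a statistics table should never need them.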

The solutions you will see are just a few of the many possible. Once you finish these labs, try solving them again your own way, using alternative techniques. You can find the solutions at http://info.sqli.labs/solutions.html

The full list of labs and their descriptions is available at: http://info.sqli.labs/

Solutions

The techniques used during this lab are better explained in the study material. You should refer to it for further details.

You can find the solutions at http://info.sqli.labs/solutions.html

Note: Different sqlmap versions may require different options/flags. For example, regarding level 9:

sqlmap -u 'http://9.sqli.labs/' -p user-agent --tamper=chardoubleencode --technique=U --banner --level=3 --risk=3

or

sqlmap -r 9.sqli.labs.for.sqlmap --banner --tamper=chardoubleencode --dbms mysql --batch --union-char=els --technique=E