SQLol: Difference between revisions
mNo edit summary |
(replace /etc/init.d with rc-service) |
||
(3 intermediate revisions by 3 users not shown) | |||
Line 7: | Line 7: | ||
{{Cmd|apk add php-mysql mysql mysql-client php-zlib}} | {{Cmd|apk add php-mysql mysql mysql-client php-zlib}} | ||
== Installing and configuring | == Installing and configuring SQLol == | ||
Create | Create a folder named {{Path|webapps}} | ||
{{Cmd|mkdir -p /usr/share/webapps/}} | {{Cmd|mkdir -p /usr/share/webapps/}} | ||
Switch to the {{Path|webapps}} folder and download the source files | |||
{{Cmd|cd /usr/share/webapps/ | {{Cmd|cd /usr/share/webapps/ | ||
git clone git://github.com/SpiderLabs/SQLol.git}} | git clone <nowiki>git://github.com/SpiderLabs/SQLol.git</nowiki>}} | ||
<!-- | <!-- | ||
Unpack the archive | Unpack the archive | ||
Line 30: | Line 30: | ||
{{Cmd|chown -R lighttpd /usr/share/webapps/}} | {{Cmd|chown -R lighttpd /usr/share/webapps/}} | ||
Create a symlink to the | Create a symlink to the {{Path|sqlol}} folder | ||
{{Cmd|ln -s /usr/share/webapps/sqlol/ /var/www/localhost/htdocs/sqlol}} | {{Cmd|ln -s /usr/share/webapps/sqlol/ /var/www/localhost/htdocs/sqlol}} | ||
Line 37: | Line 37: | ||
{{Cmd|<nowiki>/usr/bin/mysql_install_db --user=mysql | {{Cmd|<nowiki>/usr/bin/mysql_install_db --user=mysql | ||
rc-service mysql start && rc-update add mysql default | |||
/usr/bin/mysqladmin -u root password 'password'</nowiki>}} | /usr/bin/mysqladmin -u root password 'password'</nowiki>}} | ||
==SQLol configuration== | == SQLol configuration == | ||
Please add the MySQL configuration details to the SQLol config file | Please add the MySQL configuration details to the SQLol config file | ||
Line 46: | Line 46: | ||
{{Cmd|nano -w /usr/share/webapps/sqlol/includes/database.config.php}} | {{Cmd|nano -w /usr/share/webapps/sqlol/includes/database.config.php}} | ||
Browse to http://WEBSERVER_IP_ADDRESS/sqlol . | Browse to <nowiki>http://WEBSERVER_IP_ADDRESS/sqlol</nowiki> . | ||
[[Category:SQL]] [[Category:Security]] | [[Category:SQL]] [[Category:Security]] |
Latest revision as of 09:56, 17 November 2023
SQLol is a SQL injection playground which allows you to exploit and detect SQL injection flaws.
Install lighttpd, PHP, and MySql
Basic Installation
For installing the additional packages first activate community packages and update the package index
Install the required packages:
# apk add lighttpd php82 fcgi php82-cgi
Configure Lighttpd
Edit lighttpd.conf (/etc/lighttpd/lighttpd.conf) and uncomment the line:
Contents of /etc/lighttpd/lighttpd.conf
Edit mod_fastcgi.conf (/etc/lighttpd/mod_fastcgi.conf), find and change /usr/bin/php-cgi to /usr/bin/php-cgi82.
Contents of /etc/lighttpd/mod_fastcgi.conf
Start lighttpd
service and add it to default runlevel
# rc-service lighttpd start # rc-update add lighttpd default
Install extra packages:
apk add php-mysql mysql mysql-client php-zlib
Installing and configuring SQLol
Create a folder named webapps
mkdir -p /usr/share/webapps/
Switch to the webapps folder and download the source files
cd /usr/share/webapps/ git clone git://github.com/SpiderLabs/SQLol.git
Rename the folder
mv SQLol sqlol
Change the folder permissions
chown -R lighttpd /usr/share/webapps/
Create a symlink to the sqlol folder
ln -s /usr/share/webapps/sqlol/ /var/www/localhost/htdocs/sqlol
Configuration and start MySQL
/usr/bin/mysql_install_db --user=mysql rc-service mysql start && rc-update add mysql default /usr/bin/mysqladmin -u root password 'password'
SQLol configuration
Please add the MySQL configuration details to the SQLol config file
nano -w /usr/share/webapps/sqlol/includes/database.config.php
Browse to http://WEBSERVER_IP_ADDRESS/sqlol .