Difference between revisions of "SQLol"

From Alpine Linux
Jump to: navigation, search
m
m
 
Line 7: Line 7:
 
{{Cmd|apk add php-mysql mysql mysql-client php-zlib}}
 
{{Cmd|apk add php-mysql mysql mysql-client php-zlib}}
  
== Installing and configuring WordPress ==
+
== Installing and configuring SQLol ==
  
Create the ''webapps'' folder
+
Create a folder named {{Path|webapps}}
  
 
{{Cmd|mkdir -p /usr/share/webapps/}}
 
{{Cmd|mkdir -p /usr/share/webapps/}}
  
Change to the ''webapps'' folder and download the source files
+
Switch to the {{Path|webapps}} folder and download the source files
 
{{Cmd|cd /usr/share/webapps/
 
{{Cmd|cd /usr/share/webapps/
 
git clone git://github.com/SpiderLabs/SQLol.git}}
 
git clone git://github.com/SpiderLabs/SQLol.git}}
Line 30: Line 30:
 
{{Cmd|chown -R lighttpd /usr/share/webapps/}}
 
{{Cmd|chown -R lighttpd /usr/share/webapps/}}
  
Create a symlink to the ''sqlol'' folder
+
Create a symlink to the {{Path|sqlol}} folder
  
 
{{Cmd|ln -s /usr/share/webapps/sqlol/ /var/www/localhost/htdocs/sqlol}}
 
{{Cmd|ln -s /usr/share/webapps/sqlol/ /var/www/localhost/htdocs/sqlol}}
Line 40: Line 40:
 
/usr/bin/mysqladmin -u root password 'password'</nowiki>}}
 
/usr/bin/mysqladmin -u root password 'password'</nowiki>}}
  
==SQLol configuration==
+
== SQLol configuration ==
  
 
Please add the MySQL configuration details to the SQLol config file
 
Please add the MySQL configuration details to the SQLol config file

Latest revision as of 22:42, 27 January 2013

SQLol is a SQL injection playground which allows you to exploit and detect SQL injection flaws.

Install lighttpd, PHP, and MySql

For installing the additional packages first activate community packages:

vi /etc/apk/repositories

Uncomment the following:

http://pkg.example.com/alpine/v3.11/community

Update the packagelist:

apk update

Install the additional packages:

apk add lighttpd php7-common php7-iconv php7-json php7-gd php7-curl php7-xml php7-mysqli php7-imap php7-cgi fcgi php7-pdo php7-pdo_mysql php7-soap php7-xmlrpc php7-posix php7-mcrypt php7-gettext php7-ldap php7-ctype php7-dom

Configure Lighttpd

Edit lighttpd.conf

vi /etc/lighttpd/lighttpd.conf

Uncomment line:

include "mod_fastcgi.conf"


Edit mod_fastcgi.conf

vi /etc/lighttpd/mod_fastcgi.conf

Edit the section:

/usr/bin/php-cgi

To:

/usr/bin/php-cgi7

Start lighttpd service and add to needed runlevel

rc-service lighttpd start && rc-update add lighttpd default

Install extra packages:

apk add php-mysql mysql mysql-client php-zlib

Installing and configuring SQLol

Create a folder named webapps

mkdir -p /usr/share/webapps/

Switch to the webapps folder and download the source files

cd /usr/share/webapps/ git clone git://github.com/SpiderLabs/SQLol.git

Rename the folder

mv SQLol sqlol

Change the folder permissions

chown -R lighttpd /usr/share/webapps/

Create a symlink to the sqlol folder

ln -s /usr/share/webapps/sqlol/ /var/www/localhost/htdocs/sqlol

Configuration and start MySQL

/usr/bin/mysql_install_db --user=mysql /etc/init.d/mysql start && rc-update add mysql default /usr/bin/mysqladmin -u root password 'password'

SQLol configuration

Please add the MySQL configuration details to the SQLol config file

nano -w /usr/share/webapps/sqlol/includes/database.config.php

Browse to http://WEBSERVER_IP_ADDRESS/sqlol .