Thursday, July 21, 2011

Trying SQL Injection on Your Own

Hey, if after our last couple of posts, you feel like your SQL fu is up to snuff and want to get your hands on a real vulnerable web app that maybe doesn't have the answers all leaked out, then check this out.


Head on over to  http://csis.pace.edu/~lchen/sweet and download the vulnerable app they're hosting in VM or Virtualbox format. Stand up that server and follow these two guides, 5 - Security Testing and 6 - Vulnerability Management .

The Ubuntu web server is running BadStore, which you can alternately register for and download here: http://www.badstore.net  Either way, you're going to be able to run SQL Injection and XSS vulns against this web app and database.

Try it out!

5 comments:

  1. Excellent reading materiel.
    this and the latest sql post's as well.
    cheers!

    ReplyDelete
  2. Thanks! I'm really glad your found this stuff as helpful as I do!

    ReplyDelete
  3. INSTEAD OF GETTING A LOAN, CHECK OUT THE BLANK ATM CARD IN LESS THAN 24hours {blankatmhaker@gmail.com}

    Am Mark Oscar,I want to testify about Jack Robert blank ATM cards which can withdraw money from any ATM machines around the world. I was very poor before and have no hope then I saw so many testimony about how Jack Robert send them the ATM blank card and use it to collect money in any ATM machine and become rich. I also email him and he sent me the blank card. I have use it to get 70,000 dollars. withdraw the maximum of $5,000 daily. Jack Robert is giving out the card just to help the poor. Hack and take money directly from any ATM Machine Vault with the use of ATM Programmed Card which runs in automatic mode. email Him on how to get it now via: blankatmhaker@gmail.com or call/Text on +1(406) 350-4986

    ReplyDelete
  4. Hello everyone i just want to share my experience with you all. I have being hearing about this blank ATM card for a while and i never really paid any interest to it because of my doubts. They are really good at what they are doing. Back to the point, I inquired about The Blank ATM Card. If it works or even Exist.
    They told me Yes and that its a card programmed for random money withdraws without being noticed also has a technique that makes it impossible for the CCTVs to detect you can also be used for free online purchases of any kind. This was shocking and i still had my doubts. Then i gave it a try and asked for the card and agreed to their terms and conditions.
    Two days later i received my card and tried with the closest ATM machine close to me
    It worked like magic. I was able to withdraw up to $1,000 daily. This Cards comes in Visa/MasterCard. Therefore it works at any ATM Machine that accept Visa/MasterCard Worldwide. This was unbelievable and the happiest day of my life. So far i have being able to withdraw up to $20,000 without any stress of being caught. I don't know why i am posting this here, i just felt this might help those of us in need of financial stability. Mrs Susan has really change my life. If you want to contact them, Here is the email address}} atmmachine137@gmail.com
    And I believe they will also change your life too.
    Email: atmmachine137@gmail.com

    ReplyDelete
  5. If you are looking for hack snapchat password then you must visit the mentioned website to hack snapchat

    ReplyDelete