first commit

Dockerfile

@@ -0,0 +1,5 @@
+FROM php:7.4-apache
+RUN apt-get update
+RUN apt-get install -y wget vim git zip unzip zlib1g-dev libzip-dev libpng-dev
+RUN docker-php-ext-install mysqli pdo pdo_mysql
+RUN mkdir -p /var/www/html/

README.md

@@ -0,0 +1,50 @@
+# Project Title
+
+A Docker-compose file for the sqli-labs by @[Audi1](https://github.com/Audi-1) which was update to php7 by @[skyblueee](https://github.com/skyblueee). 
+
+
+### Prerequisites
+
+There are few things needed for running the lab
+```
+Docker 
+python-pip
+docker-compose
+```    
+
+### Installation 
+
+For Docker installation you can click [here](https://docs.docker.com/engine/install/). 
+
+For Python installation check [here](https://www.python.org/downloads/).
+
+In windows pip is installed along with since python version 3.4 where as linux users need to install it separately.
+
+To install docker-compose run the command below:
+```
+pip install docker-compose
+```
+
+
+### Running the docker-compose file
+Use your preferred terminal application and type the following command.
+```
+docker-compose up
+```
+
+### Playing around with the lab
+
+
+Sqli lab is hosted at [http://localhost:8000](http://localhost:8000) 
+
+phpmyadmin is hosted at [http://localhost:8080](http://localhost:8080)
+
+Credentials for phpmyadmin:
+
+username: **root**
+
+password: **secret**
+
+### Youtube tutorials for the labs 
+
+By Audi1 @[Youtube](https://www.youtube.com/playlist?list=PLkiAz1NPnw8qEgzS7cgVMKavvOAdogsro)

docker-compose.yml

@@ -0,0 +1,40 @@
+version: "3.7"
+services:
+# This is the main web server container that uses php:7.4-apache image with some mysql addons  
+  web-server:
+    build: 
+      dockerfile: Dockerfile
+      context: .
+    restart: always
+    volumes:
+      - "./sqli-labs:/var/www/html/"
+    ports:
+      - "8000:80"
+    depends_on:
+      - db
+
+# This is a simple mysql docker container
+  db:
+    image: mysql:latest 
+    command:  --general_log --general_log_file=/var/log/mysql/mysql.log
+    restart: always
+    environment:
+      MYSQL_ROOT_PASSWORD: secret
+    volumes:
+      - ./db/log:/var/log/mysql:Z
+      - "sql-data:/var/lib/mysql:rw"
+
+
+# This is just a phpmyadmin sontainer to monitor the db as the videos sometimes show interaction with the database directly if you don't want it you can comment it out.       
+  phpmyadmin:
+    image: phpmyadmin/phpmyadmin:latest
+    restart: always
+    environment:
+      PMA_HOST: db
+      PMA_USER: root
+      PMA_PASSWORD: secret
+    ports:
+      - "8080:80"
+
+volumes:
+  sql-data:

sqli-labs/Less-1/index.php

@@ -0,0 +1,62 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>Less-1 **Error Based- String**</title>
+</head>
+
+<body bgcolor="#000000">
+<div style=" margin-top:70px;color:#FFF; font-size:23px; text-align:center">Welcome&nbsp;&nbsp;&nbsp;<font color="#FF0000"> Dhakkan </font><br>
+<font size="3" color="#FFFF00">
+
+
+<?php
+//including the Mysql connect parameters.
+include("../sql-connections/sqli-connect.php");
+error_reporting(0);
+// take the variables 
+if(isset($_GET['id']))
+{
+$id=$_GET['id'];
+//logging the connection parameters to a file for analysis.
+$fp=fopen('result.txt','a');
+fwrite($fp,'ID:'.$id."\n");
+fclose($fp);
+
+// connectivity 
+
+
+$sql="SELECT * FROM users WHERE id='$id' LIMIT 0,1";
+// $sql="SELECT * FROM users WHERE id='0' union select 1,2,3 -- ' LIMIT 0,1";
+// $sql="SELECT * FROM users WHERE id='0' union select 1,2,3 # ' LIMIT 0,1";
+$result=mysqli_query($con1, $sql);
+$row = mysqli_fetch_array($result, MYSQLI_BOTH);
+
+	if($row)
+	{
+  	echo "<font size='5' color= '#99FF00'>";
+  	echo 'Your Login name:'. $row['username'];
+  	echo "<br>";
+  	echo 'Your Password:' .$row['password'];
+  	echo "</font>";
+  	}
+	else 
+	{
+	echo '<font color= "#FFFF00">';
+	print_r(mysqli_error($con1));
+	echo "</font>";  
+	}
+}
+	else { echo "Please input the ID as parameter with numeric value";}
+
+?>
+</font> </div></br></br></br><center>
+<img src="../images/Less-1.jpg" /></center>
+</body>
+</html>
+
+
+
+
+
+

sqli-labs/Less-1/result.txt

@@ -0,0 +1,135 @@
+ID:1
+ID:1
+ID:1]
+ID:1]
+ID:1]
+ID:1\
+ID:1'
+ID:1'
+ID:1\
+ID:1' -- 
+ID:1' 
+ID:1'  
+ID:1'  --
+ID:1'  --
+ID:1'  -- 
+ID:1' union select 1,database(),3 -- 
+ID:0' union select 1,database(),3 -- 
+ID:0' union select 1,database(),3 
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1‘ union select 1,2,3 #
+ID:1‘ union select 1,2,3 #
+ID:-1‘ union select 1,2,3 #
+ID:-1‘ union select 1,2,3 #
+ID:-1‘ union select 1,2,3 -- 
+ID:-1‘ union select 1,2,3 -- 
+ID:-1‘ union select 1,2,3 -- 
+ID:-1‘ union select 1,2,3 -- 
+ID:-1‘ union select 1,2,3 -- 
+ID:-1‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3 -- 
+ID:0‘ union select 1,2,3  -- 
+ID:0‘ union select 1,2,3
+ID:0’ union select 1,2,3
+ID:1
+ID:1'
+ID:1' union  select 1,2,3 -- 
+ID:-1' union  select 1,2,3 -- 
+ID:-1' union  select 1,2,3 #
+ID:-1' union  select 1,2,3 #
+ID:-1' union  select 1,2,3 #
+ID:-1' union  select 1,2,3 
+ID:-1' union  select 1,2,3 #
+ID:1
+ID:1\
+ID:1' union  select 1,2,3 -- 
+ID:1' union  select 1,2,3 #
+ID:-1' union  select 1,2,3 #
+ID:1'
+ID:1 -- 
+ID:1 union select 1,2,3 -- 
+ID:-1 union select 1,2,3 -- 
+ID:-1' union select 1,2,3 -- 
+ID:1\
+ID:1
+ID:1
+ID:1
+ID:1
+ID:1' -- 
+ID:1' or 1==1 -- 
+ID:1' or 1=1 -- 
+ID:100' -- 
+ID:100' or 1=1 -- 
+ID:1' and database() regexp '[a-z]' -- 
+ID:1' and database() regexp '[a-z]' -- 
+ID:1' --
+ID:1\
+ID:1' -- 
+ID:1' --
+ID:1' -- 
+ID:1'; -- 
+ID:1' union select 1,2,3 ; -- 
+ID:0' union select 1,2,3 ; -- 
+ID:2

sqli-labs/Less-10/index.php

@@ -0,0 +1,59 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
+<title>Less-10 Blind- Time based- Double Quotes- String</title>
+</head>
+
+<body bgcolor="#000000">
+<div style=" margin-top:60px;color:#FFF; font-size:23px; text-align:center">Welcome&nbsp;&nbsp;&nbsp;<font color="#FF0000"> Dhakkan </font><br>
+<font size="3" color="#FFFF00">
+
+
+<?php
+//including the Mysql connect parameters.
+include("../sql-connections/sqli-connect.php");
+error_reporting(0);
+
+// take the variables
+if(isset($_GET['id']))
+{
+$id=$_GET['id'];
+//logging the connection parameters to a file for analysis.
+$fp=fopen('result.txt','a');
+fwrite($fp,'ID:'.$id."\n");
+fclose($fp);
+
+// connectivity 
+
+$id = '"'.$id.'"';
+$sql="SELECT * FROM users WHERE id=$id LIMIT 0,1";
+$result=mysqli_query($con1, $sql);
+$row = mysqli_fetch_array($result, MYSQLI_BOTH);
+
+	if($row)
+	{
+  	echo '<font size="5" color="#FFFF00">';	
+  	echo 'You are in...........';
+  	echo "<br>";
+    	echo "</font>";
+  	}
+	else 
+	{
+
+	echo '<font size="5" color="#FFFF00">';
+	echo 'You are in...........';
+	//print_r(mysqli_error($con1));
+	//echo "You have an error in your SQL syntax";
+	echo "</br></font>";	
+	echo '<font color= "#0000ff" font size= 3>';	
+
+	}
+}
+	else { echo "Please input the ID as parameter with numeric value";}
+
+?>
+</font> </div></br></br></br><center>
+<img src="../images/Less-10.jpg" /></center>
+</body>
+</html>

sqli-labs/Less-10/result.txt

@@ -0,0 +1,7 @@
+ID:1
+ID:1\
+ID:1\\\
+ID:1' union select 1,2,3 into outfile '/var/www/html/sqli-labs/Less-10/u.txt'  -- 
+ID:1') union select 1,2,3 into outfile '/var/www/html/sqli-labs/Less-10/u.txt'  -- 
+ID:1") union select 1,2,3 into outfile '/var/www/html/sqli-labs/Less-10/u.txt'  -- 
+ID:1" union select 1,2,3 into outfile '/var/www/html/sqli-labs/Less-10/u.txt'  --