Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.
filipkarc/sqli-postgres-rce-privesc-hacking-playground
This is a free vulnerable app for novice pentesters and developers to experiment with an SQL Injection vulnerability and privilege escalation.
Recommended path:
- exploit the SQLi vulnerability
- get a shell via the vulnerable version of PostgreSQL
- perform privilege escalation and become root 🥂
Applications can be exploited in many different ways:
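1-minute installation on a virtual machine or VPS with Linux.

Linux@amd64 (Intel processors):

```
docker run -p 8091:80 -d filipkarc/sqli-postgres-rce-privesc-hacking-playground
```

Linux@AppleSilicon (tested on Apple M1):

```
docker run -p 8091:80 -d filipkarc/sqli-postgres-rce-privesc-hacking-playground:arm64apple
```

After 2 minutes, it should be visible in the browser: http://127.0.0.1:8091

`-p 8091:80` publishes the port on every host interface, so on a VPS the vulnerable app is reachable from the network unless a firewall restricts access or the published port is bound to the loopback address.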
Follow me on Twitter @FilipKarc and on LinkedIn.

