Application with SQL Injection vulnerability and possible privilege escalation

Overview


Vulnerable Web App: sqli-postgres-rce-privesc-hacking-playground

This is a free, deliberately vulnerable app for novice pentesters and developers to experiment with SQL injection and privilege escalation.

Recommended path:

  1. exploit the SQLi vulnerability
  2. get shell via vulnerable version of PostgreSQL
  3. perform privilege escalation and become root 🥂

Applications can be exploited in many different ways.

How to use it - DOCKER

1 minute installation on a virtual machine or VPS with Linux.

Linux@amd64 (Intel processors):
docker run -p 8091:80 -d filipkarc/sqli-postgres-rce-privesc-hacking-playground


Linux@AppleSilicon (tested on Apple M1):
docker run -p 8091:80 -d filipkarc/sqli-postgres-rce-privesc-hacking-playground:arm64apple

After 2 minutes, it should be visible in the browser: http://127.0.0.1:8091
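
Added example, not part of the original README: by default `-p 8091:80` publishes the port on every host interface, so on a VPS the vulnerable app is reachable from outside, while `-p 127.0.0.1:8091:80` keeps it on loopback. The script below classifies the Ports column of `docker ps`; the function names and sample strings are constructed for illustration.

```sh
#!/bin/sh
# Added example: flag Docker port mappings that listen beyond loopback.
# Input is the Ports column of `docker ps`, e.g. from:
#   docker ps --format '{{.Ports}}'

# Print every published mapping in $1 whose host address is not loopback.
exposed_mappings() (
    rest="$1"
    while [ -n "$rest" ]; do
        entry="${rest%%,*}"                      # first comma-separated item
        if [ "$entry" = "$rest" ]; then rest=""; else rest="${rest#*,}"; fi
        entry="${entry# }"                       # drop the space after a comma
        case "$entry" in
            *'->'*) ;;                           # published: host->container
            *) continue ;;                       # "80/tcp" alone is not published
        esac
        host="${entry%%->*}"                     # e.g. 0.0.0.0:8091
        host="${host%:*}"                        # 0.0.0.0, ::, [::1], 127.0.0.1
        case "$host" in
            127.*|'[::1]'|::1) ;;                # loopback only
            *) printf '%s\n' "$entry" ;;
        esac
    done
)

# Succeeds only when nothing in $1 is reachable from other hosts.
is_loopback_only() {
    [ -z "$(exposed_mappings "$1")" ]
}

# Constructed samples of what `docker ps` shows for each publish form.
PORTS_ALL_IFACES='0.0.0.0:8091->80/tcp, :::8091->80/tcp'   # -p 8091:80
PORTS_LOOPBACK='127.0.0.1:8091->80/tcp'                    # -p 127.0.0.1:8091:80

for sample in "$PORTS_ALL_IFACES" "$PORTS_LOOPBACK"; do
    if is_loopback_only "$sample"; then
        echo "OK      $sample"
    else
        echo "EXPOSED $sample"
    fi
done
```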

Contact

Feel free to contact me on Twitter @FilipKarc.

Be sure to follow me on LinkedIn.

Owner
Filip Karczewski
Ethical Hacker | Penetration Tester | Hacking around the World: Web Apps, Mobile Android & iOS Applications and Containers 🏴‍☠️🦜