Add solutions for SQL Injection
This commit is contained in:
parent
05066f1c27
commit
c7093cd7a8
1 changed files with 22 additions and 0 deletions
22
Lab03 - Let's Buy Some Juice/README.md
Normal file
22
Lab03 - Let's Buy Some Juice/README.md
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
# Let's Buy Some Juice
|
||||||
|
## Booting Up Juice Shop
|
||||||
|
```sh
|
||||||
|
docker run --pull always -p 127.0.0.1:80:3000 bkimminich/juice-shop
|
||||||
|
```
|
||||||
|
|
||||||
|
## SQL Injection
|
||||||
|
### Login as Admin
|
||||||
|
1. Open `Account` => `Login`
|
||||||
|
2. Type `' OR TRUE; --` into `Email` and any password in `Password`
|
||||||
|
|
||||||
|
Result:
|
||||||
|
|
||||||
|
<!--- ToDo: Insert Picture -->
|
||||||
|
|
||||||
|
### Login as Jim
|
||||||
|
1. Open `Account` => `Login`
|
||||||
|
2. Type `jim@juice-sh.op'; --`
|
||||||
|
|
||||||
|
Result:
|
||||||
|
|
||||||
|
<!--- ToDo: Insert Picture -->
|
Loading…
Reference in a new issue