SQL Injections (SQLi) Lab

Infosec Learning
Virtual Lab

The development of this document is funded by the Boston Area Advanced Technological Education Connections (BATEC) Grant No. NSF-0703097 thru Bunker Hill Community College. An SQL injection (SQLi) is the process of injecting unauthorized characters into SQL query statement in order to alter a response. In this lab, we will demonstrate three phases ...

Time
1 hour 30 minutes
Difficulty
Intermediate
Share
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Overview

The development of this document is funded by the Boston Area Advanced Technological Education Connections (BATEC) Grant No. NSF-0703097 thru Bunker Hill Community College.

An SQL injection (SQLi) is the process of injecting unauthorized characters into SQL query statement in order to alter a response. In this lab, we will demonstrate three phases of security (exploitation, analysis, and mitigation) in order to get a better understanding of why SQLi occur and how they can potentially be stopped.