GitHub - phyo6hu/sqli-postgres-rce-privesc-hacking-playground: Application with SQL Injection vulnerability and possible privilege escalation. Free vulnerable app for ethical hacking / penetration testing training.

Vulnerable Web App: sqli-postgres-rce-privesc-hacking-playground

This is free vulnerable app for novice pentesters & developers to experiment with SQL Injection vulnerability and privilege escalation.

Recommended path:

exploit the SQLi vulnerability
get shell via vulnerable version of PostgreSQL
perform privilage escalation and become root 🥂

Applications can be exploited in many different ways:

How to use it - DOCKER

1 minute installation on a virtual machine or VPS with Linux.

Linux@amd64 (Intel processors):
docker run -p 8091:80 -d filipkarc/sqli-postgres-rce-privesc-hacking-playground


Linux@AppleSilicon (tested on Apple M1):
docker run -p 8091:80 -d filipkarc/sqli-postgres-rce-privesc-hacking-playground:arm64apple

After 2 minutes, it should be visible in the browser: http://127.0.0.1:8091

Follow me

Follow me on Twitter @FilipKarc and on LinkedIn: LinkedIn.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
custom		custom
img		img
CONTACT.txt		CONTACT.txt
GREETINGS.txt		GREETINGS.txt
LICENSE.txt		LICENSE.txt
README.md		README.md
docker-compose.yml		docker-compose.yml

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Vulnerable Web App: sqli-postgres-rce-privesc-hacking-playground

How to use it - DOCKER

Follow me

About

Releases

Packages

Languages

License

phyo6hu/sqli-postgres-rce-privesc-hacking-playground

Folders and files

Latest commit

History

Repository files navigation

Vulnerable Web App: sqli-postgres-rce-privesc-hacking-playground

How to use it - DOCKER

Follow me

About

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages