SQL is not Initiated
pythonmaster41 opened this issue · 62 comments
Hi Audi,
I am trying to install this using git clone and when I try to initiate the DB Reset I am not getting anything. And apache logs are giving me below
::1 - - [13/Jun/2017:14:18:13 -0400] "GET /sqli-labs/sql-connections/setup-db.php HTTP/1.1" 500 848 "http://localhost/sqli-labs/" "Mozilla/5.0 (X11; Linux i686; rv:45.0) Gecko/20100101 Firefox/45.0"
I tried everything and seems not working. Any hints on solving this ? Thanks
Hey pythonmaster41,
I would recommend you to use the new generation installer, which is docker.
The link you may need is here : https://github.com/tuxotron/Audi_SQLi_lamp_container/tree/master/Audi_SQLi_lamp_container
Thanks Adithya. i will try and let you know if that solved the issue
I have the same issue :(
I found some extension were deprecated in PHP 5.5.0, example of "sql_connect()" ,and some were removed in PHP 7.0.0.Must I using it under PHP 5.5.0?
NEED HELP. Does anyone know what's wrong with this?
SETTING UP THE DATABASE SCHEMA AND POPULATING DATA IN TABLES:
\n";} else {echo "[*]...................Error purging database: " . mysql_error(); echo "
\n";} //Creating new database security $sql="CREATE database security
CHARACTER SET gbk
"; if (mysql_query($sql)) {echo "[*]...................Creating New database 'SECURITY' successfully";echo "
\n";} else {echo "[*]...................Error creating database: " . mysql_error();echo "
\n";} //creating table users $sql="CREATE TABLE security.users (id int(3) NOT NULL AUTO_INCREMENT, username varchar(20) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (id))"; if (mysql_query($sql)) {echo "[*]...................Creating New Table 'USERS' successfully";echo "
\n";} else {echo "[*]...................Error creating Table: " . mysql_error();echo "
\n";} //creating table emails $sql="CREATE TABLE security.emails ( id int(3)NOT NULL AUTO_INCREMENT, email_id varchar(30) NOT NULL, PRIMARY KEY (id) )"; if (mysql_query($sql)) {echo "[*]...................Creating New Table 'EMAILS' successfully"; echo "
\n";} else {echo "[*]...................Error creating Table: " . mysql_error();echo "
\n";} //creating table uagents $sql="CREATE TABLE security.uagents ( id int(3)NOT NULL AUTO_INCREMENT, uagent varchar(256) NOT NULL, ip_address varchar(35) NOT NULL, username varchar(20) NOT NULL, PRIMARY KEY (id) )"; if (mysql_query($sql)) {echo "[*]...................Creating New Table 'UAGENTS' successfully";echo "
\n";} else {echo "[*]...................Error creating Table: " . mysql_error();echo "
\n";} //creating table referers $sql="CREATE TABLE security.referers ( id int(3)NOT NULL AUTO_INCREMENT, referer varchar(256) NOT NULL, ip_address varchar(35) NOT NULL, PRIMARY KEY (id) )"; if (mysql_query($sql)) {echo "[*]...................Creating New Table 'REFERERS' successfully";echo "
\n";} else {echo "[*]...................Error creating Table: " . mysql_error();echo "
\n";} //inserting data $sql="INSERT INTO security.users (id, username, password) VALUES ('1', 'Dumb', 'Dumb'), ('2', 'Angelina', 'I-kill-you'), ('3', 'Dummy', 'p@ssword'), ('4', 'secure', 'crappy'), ('5', 'stupid', 'stupidity'), ('6', 'superman', 'genious'), ('7', 'batman', 'mob!le'), ('8', 'admin', 'admin'), ('9', 'admin1', 'admin1'), ('10', 'admin2', 'admin2'), ('11', 'admin3', 'admin3'), ('12', 'dhakkan', 'dumbo'), ('14', 'admin4', 'admin4')"; if (mysql_query($sql)) {echo "[*]...................Inserted data correctly into table 'USERS'";echo "
Hi Audi team ,
After setting up project ,Clicik on "Setup/reset Database for labs" I am getting below error
Fatal error: Uncaught Error: Call to undefined function mysql_connect() in /var/www/html/sqli-labs-master/sql-connections/setup-db.php:29 Stack trace: #0 {main} thrown in /var/www/html/sqli-labs-master/sql-connections/setup-db.php on line 29
my php version
root@kali:/# php --version
PHP 7.0.22-3 (cli) (built: Aug 23 2017 05:51:41) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Hi,
MySQL functions were removed in PHP 7, but we can use MySQLi functions instead.
If you have issues when installing this on PHP 7, try using my repository.
Hi,
One hour later , I see this issue : (
@M3chD09
Hi M3chD09 ,
I cloned your sqli-libs , but it's still error . I feel my hair is getting thinner again : (
Ubuntu 18.04 && PHP 7.2
@M3chD09
Hi M3chD09 ,
I cloned your sqli-libs , but it's still error . I feel my hair is getting thinner again : (
Ubuntu 18.04 && PHP 7.2
Hi Cukuyo ,
Could you tell me more detailed information? For example, the commands you used and the errors you got when installing this.
@M3chD09
Hi M3chD09 ,
I cloned your sqli-libs , but it's still error . I feel my hair is getting thinner again : (
Ubuntu 18.04 && PHP 7.2Hi Cukuyo ,
Could you tell me more detailed information? For example, the commands you used and the errors you got when installing this.
OK , M3chD09 .
I used about these .
- sudo apt install mysql-server , sudo apt install apache
- enter mysql and use 'UPDATE mysql.user SET authentication_string=PASSWORD('root'), PLUGIN='mysql_native_password' WHERE USER='root';'
- sudo apt install php //default to install php7
- sudo vim db-creds.inc //change password
- last , I used browser access the sql-labs folder to load index.html , and clicked
@M3chD09
Hi M3chD09 ,
I cloned your sqli-libs , but it's still error . I feel my hair is getting thinner again : (
Ubuntu 18.04 && PHP 7.2Hi Cukuyo ,
Could you tell me more detailed information? For example, the commands you used and the errors you got when installing this.OK , M3chD09 .
I used about these .
- sudo apt install mysql-server , sudo apt install apache
- enter mysql and use 'UPDATE mysql.user SET authentication_string=PASSWORD('root'), PLUGIN='mysql_native_password' WHERE USER='root';'
- sudo apt install php //default to install php7
- sudo vim db-creds.inc //change password
- last , I used browser access the sql-labs folder to load index.html , and clicked
Hi Cukuyo ,
My repository has two branches, making sure you have cloned branch php7.
Also, make sure php-mysql is installed.
git clone -b php7 https://github.com/M3chD09/sqli-labs
sudo apt install php-mysql
@M3chD09
Right!M3chD09 , I solved it .
After I used git clone -b php7
and sudo apt install php-mysql
, it still can't work . I looked at it , I guess the php code wasn't executed .
I used about these commands to make it work .
sudo apt-get install php7.2-gd php7.2-mbstring php7.2-xml
sudo apt install libapache2-mod-php
sudo apt-get install composer
sudo apt-get install apache2-dev
sudo apt-get install php7.2-dev
Luckly , it worked . But telled me can't connect the database security . I checked the set-up.php .
$con = new mysqli($host,$dbuser,$dbpass,$dbname);
In the set-up.php , It connects the security database first , and then deletes it and creates it .
I think this is a wrong logic .
The solution is to create an empty database called security .
Hello guys, i'm kinda new to this sort of stuff. I've recently installed the lab as per the instructed steps. Currently, i'm facing the issue of 'not getting the localhost/sqli-labs loaded up on my browser'.
Also, @M3chD09 and @Cukuyo , i utilised your repos and commands but still no relief from the issue. I'm banking on you guys to help me resort this issue.
ISSUE :
Not Found
The requested URL /sqli-labs was not found on this server.
Apache/2.4.27 (Debian) Server at localhost Port 80
@Cukuyo
Hi Cukuyo,
Thanks for the input. I did get the webpage but i'm confronted with a new 'Error message ' on the 'Database Part'. Regarding the 'db-creds.inc', am i supposed to input my login credentials of my kali or do i need to provide the login credentials for MySQL( i have'nt set up an account for MySQL on Kali machine before as i didn't use Mysql before on this machine).
@Torreira
Hi , Torreira .
Make sure you put it in the right place . You should put it in this path '/var/www/html/' , this path is the default path of Apache2 .
Another , @M3chD09 , although I run it successly , it didn't give error info when I input error id parameter , like less-1 and less-2 .
same issue here: no errors such as "your sql syntax has an error... etc"
@Torreira
Hi , Torreira .
There is a sqli-labs database configuration file called db-creds.inc under foldersqli-labs/sql-connections/ . You are supposed to change the default username and password .
@halfluke
Hi , halfluke .
I think I find found the root of the problem .
At first I thought it was the problem of PHP , but maybe this question comes from mysql .
@Cukuyo
Hi Cukuyo, yes i'm aware of the 'Db-creds.inc' file present inside sql-connections and do i need to change it( default ones) to my Kali machine's ( username and password ) or the 'MySql's username and password?
@Cukuyo
Hi Cukuyo, yes i'm aware of the 'Db-creds.inc' file present inside sql-connections and do i need to change it( default ones) to my Kali machine's ( username and password ) or the 'MySql's username and password?
Mysql ones . Must also be an account with administrator privileges (just use root one) , for creating database .
@Cukuyo
Hi Cukuyo, yes i'm aware of the 'Db-creds.inc' file present inside sql-connections and do i need to change it( default ones) to my Kali machine's ( username and password ) or the 'MySql's username and password?
Give a password to your mysql installation, I think it may not work with a blank password, then set the same user and password in db-creds.inc
@Torreira
Hi , Torreira .
There is a sqli-labs database configuration file called db-creds.inc under foldersqli-labs/sql-connections/ . You are supposed to change the default username and password .
@halfluke
Hi , halfluke .
I think I find found the root of the problem .
At first I thought it was the problem of PHP , but maybe this question comes from mysql .
not sure of the difference but I have no time to check.
I found this one that works fine:
https://github.com/Rinkish/Sqli_Edited_Version
@halfluke
Hi , halfluke .
That works fine !
@Torreira
Hi , Torreira , use this repo git clone https://github.com/Rinkish/Sqli_Edited_Version.git
.
And following commands are my mysql installation with Ubuntu 18 .
sudo apt install mysql-server
sudo apt install php7.2-mysql
mysql -uroot -p
//enter mysql
UPDATE mysql.user SET authentication_string=PASSWORD('root'), PLUGIN='mysql_native_password' WHERE USER='root';
//change password to 'root'
@Cukuyo I have cloned the above repo now. But, was'nt quite successful with the 'installation of mysql-server'.Also, should i use this(apt-get install mariadb-server) as an alternative to mysql ?Here's the error screen that i'm getting.
@Cukuyo I have cloned the above repo now. But, was'nt quite successful with the 'installation of mysql-server'.Also, should i use this(apt-get install mariadb-server) as an alternative to mysql ?Here's the error screen that i'm getting.
yes, mariadb-server should be the one
You can still start it with: service mysql start
Double check the way to change the root password
@halfluke Was able to login successfully. Thank you. But, i'm unable to set-up the DB.
@halfluke Was able to login successfully. Thank you. But, i'm unable to set-up the DB.
Post your db-creds.inc configuration
so now you have an issue that I think I had in the past and I can't remember how I solved it.
Something like this: dbeaver/dbeaver#3524
So are you saying that you can connect to mariadb from a terminal with: mysql -u root -p
and then entering password 'root' ?
If you can - directly as root@kali without sudo, but the connection from db-creds.inc / sqlilabs doesn't work, you have to research about this.
Perhaps you can start by setting the mariadb root password the same as your kali root password
@halfluke
1.So are you saying that you can connect to mariadb with mysql -u root -p
and then entering password 'root' ? (YES)
2.Perhapas you can start by setting the mariadb root password the same as your kali root password (WILL TRY WITH THIS!Thanks)
@halfluke I'm able to see the Databases via terminal but currently unable to play around with the excercises/tasks.
Come on mate, it's /?id=1, not /id=1
Hii, anyone got any solution for this dB. Whenever I clicked setup/reset Database for labs it just redirect and nothing happens.. I'm using backbox which is based on Ubuntu 16.04 php-7.. I made few changes.. all works.. except these..
Hi,
@halfluke @Torreira @Cukuyo @M3chD09 @PrashanthBanapur @88iwantmore88
Please check the repo https://github.com/mukkul007/sqli-labs-kali2
The changes are made so as to make it run over kali 2.0 which uses php7 and mariadb. ALl of the challenges are accessible in this updated lab
SETTING UP THE DATABASE SCHEMA AND POPULATING DATA IN TABLES:
\n";} else {echo "[*]...................Error purging database: " . mysql_error(); echo "
\n";} //Creating new database security $sql="CREATE database
security
CHARACTER SETgbk
"; if (mysql_query($sql)) {echo "[*]...................Creating New database 'SECURITY' successfully";echo "\n";} else {echo "[*]...................Error creating database: " . mysql_error();echo "
\n";} //creating table users $sql="CREATE TABLE security.users (id int(3) NOT NULL AUTO_INCREMENT, username varchar(20) NOT NULL, password varchar(20) NOT NULL, PRIMARY KEY (id))"; if (mysql_query($sql)) {echo "[*]...................Creating New Table 'USERS' successfully";echo "
\n";} else {echo "[*]...................Error creating Table: " . mysql_error();echo "
\n";} //creating table emails $sql="CREATE TABLE security.emails ( id int(3)NOT NULL AUTO_INCREMENT, email_id varchar(30) NOT NULL, PRIMARY KEY (id) )"; if (mysql_query($sql)) {echo "[*]...................Creating New Table 'EMAILS' successfully"; echo "
\n";} else {echo "[*]...................Error creating Table: " . mysql_error();echo "
\n";} //creating table uagents $sql="CREATE TABLE security.uagents ( id int(3)NOT NULL AUTO_INCREMENT, uagent varchar(256) NOT NULL, ip_address varchar(35) NOT NULL, username varchar(20) NOT NULL, PRIMARY KEY (id) )"; if (mysql_query($sql)) {echo "[*]...................Creating New Table 'UAGENTS' successfully";echo "
\n";} else {echo "[*]...................Error creating Table: " . mysql_error();echo "
\n";} //creating table referers $sql="CREATE TABLE security.referers ( id int(3)NOT NULL AUTO_INCREMENT, referer varchar(256) NOT NULL, ip_address varchar(35) NOT NULL, PRIMARY KEY (id) )"; if (mysql_query($sql)) {echo "[*]...................Creating New Table 'REFERERS' successfully";echo "
\n";} else {echo "[*]...................Error creating Table: " . mysql_error();echo "
\n";} //inserting data $sql="INSERT INTO security.users (id, username, password) VALUES ('1', 'Dumb', 'Dumb'), ('2', 'Angelina', 'I-kill-you'), ('3', 'Dummy', 'p@ssword'), ('4', 'secure', 'crappy'), ('5', 'stupid', 'stupidity'), ('6', 'superman', 'genious'), ('7', 'batman', 'mob!le'), ('8', 'admin', 'admin'), ('9', 'admin1', 'admin1'), ('10', 'admin2', 'admin2'), ('11', 'admin3', 'admin3'), ('12', 'dhakkan', 'dumbo'), ('14', 'admin4', 'admin4')"; if (mysql_query($sql)) {echo "[*]...................Inserted data correctly into table 'USERS'";echo "
I think you have to check the password which you have given to the mysql and in the sqli-labs folder under db creds file
Hi Audi team ,
After setting up project ,Clicik on "Setup/reset Database for labs" I am getting below error
Fatal error: Uncaught Error: Call to undefined function mysql_connect() in /var/www/html/sqli-labs-master/sql-connections/setup-db.php:29 Stack trace: #0 {main} thrown in /var/www/html/sqli-labs-master/sql-connections/setup-db.php on line 29
my php version
root@kali:/# php --version
PHP 7.0.22-3 (cli) (built: Aug 23 2017 05:51:41) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Hi @PrashanthBanapur I resolved this issue
It's the PHP version too high, please use under 5.5 version then it's OK.
Hi Audi team ,
After setting up project ,Clicik on "Setup/reset Database for labs" I am getting below error
Fatal error: Uncaught Error: Call to undefined function mysql_connect() in /var/www/html/sqli-labs-master/sql-connections/setup-db.php:29 Stack trace: #0 {main} thrown in /var/www/html/sqli-labs-master/sql-connections/setup-db.php on line 29
Hello Team,
I have changed my setup also on window 10. now i am using wamp64 still i am getting error. I am using Php 5
Just use this and forget the issues:
https://github.com/Rinkish/Sqli_Edited_Version
Hello Team,
I have changed my setup also on window 10. now i am using wamp64 still i am getting error. I am using Php 5
Just use this and forget the issues:
https://github.com/Rinkish/Sqli_Edited_Version
Thanks man it is working
Hi Guyz,
I found a solution for this error which you all getting and we all saw the solution but we didn't get this so finally you can use this original sqli-lab let's see how you can solve this error.
after successfully moving files to /var/www/ or /var/www/html.
When you'll able to open the http://localhost/sqli-labs
You all are facing these issues
Solve this issue by creating a user in MySQL
Follow these steps
- Open MySQL
sudo mysql -u root -p
- Create a user
CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'user_password';
(put your user name atnewuser
and password atuser_password
. - After creating new user grant all privileges to user
GRANT ALL PRIVILEGES ON *.* TO 'database_user'@'localhost';
- Open sqli-labs folder then open sql-connections folder edit db-cred.php file
$dbuser- (new user which you created)
$dbpass - (new user password)
After following these steps restart your 2 services
sudo service apache2 restart
sudo service mysql restart
WOOOOAAHHH!!! Finally, you fixed your error by yourself :)
Why you are facing this issue - your mysql user was not able to login with regular user and because of this your connection was not able to authenticate to mysql database and for fixing this issue we created a user and granted all the permission to that user and that user was able to authenticate that's how we resolved this issue.
If you're getting this issue after following these steps so comment here I'll resolve your issue.
Hi Guyz,
I found a solution for this error which you all getting and we all saw the solution but we didn't get this so finally you can use this original sqli-lab let's see how you can solve this error.
after successfully moving files to /var/www/ or /var/www/html.
When you'll able to open the http://localhost/sqli-labs
You all are facing these issues
Solve this issue by creating a user in MySQL
Follow these steps
1. Open MySQL `sudo mysql -u root -p` 2. Create a user `CREATE USER 'newuser'@'localhost' IDENTIFIED BY 'user_password';` (put your user name at `newuser` and password at `user_password`. 3. After creating new user grant all privileges to user `GRANT ALL PRIVILEGES ON *.* TO 'database_user'@'localhost';` 4. Open sqli-labs folder then open sql-connections folder edit db-cred.php file $dbuser- (new user which you created) $dbpass - (new user password)
After following these steps restart your 2 services
1. `sudo service apache2 restart` 2. `sudo service mysql restart`
WOOOOAAHHH!!! Finally, you fixed your error by yourself :)
Why you are facing this issue - your mysql user was not able to login with regular user and because of this your connection was not able to authenticate to mysql database and for fixing this issue we created a user and granted all the permission to that user and that user was able to authenticate that's how we resolved this issue.
If you're getting this issue after following these steps so comment here I'll resolve your issue.
Thanks man. That worked!
Hello @scriptyvijay I implemented your solution above but still getting the empty page under the Creating database message...
Any pointer on how to resolve this wold be greatly appreciated.
Solution:-
Used a work around by the following steps
-
added the mysql connection parameters directly into the setup-db.php doc
$host = localhost
$dbuser = databaseuser
$dbpass = databasepassword -
Changed the mysql_connect to mysqli_connect
-
As a result had to change all the query:
mysql_query($sql) changed to mysqli_query($con, $sql) -
In some cases had to change the (../sql-connections) and others like it to the full paths for the include (/var/www/sqli-labs/sql-connections) and so on.
Will still see if I can resolve the original code because its gonna be alot of work to change all this in the code but if I can't find any solution to the original code as is then I will proceed with this.
Any tips on how to solve it in a way that doesn't require multiple changes would be greatly appreciated.
Thanks
Hi there,
please re-install and follow the upper method your problem will be resolve.
Hi, erm... which approach did you take ?
Hello @Sobitan , I had followed these (https://github.com/Audi-1/sqli-labs) installation process, and I had also changed some parts of code like converting sql to sqli in the sqlconnections directory.
Hey @VivekKamisetty,
Yea, once you change sql to sqli in one section of the code you will have to change it all through the different documents and php pages "as you go through" the lessons. Some code pages are linked like index.php of "less-1" has a section that points to sql-connect.php and so you will have to adjust that as well. (also ensure the complete path is in the include function)
Plus the mysql_fetch_array($result); may need to be changed to mysqli_fetch_array(result);
Lastly to get the error messages you can change mysql_error() to mysqli_error($con).
I think the application is best for a lower version of php and mysql (am not yet sure the exact versions but the higher ones have errors e.g that fact that mysql_connect has been deprecated in higher versions etc (https://www.google.com/search?channel=fs&client=ubuntu&q=mysql_connect+has+been+deprecated)). I hope some one who has it successfully working may share the versions used.
Also had to make some changes for Less-17 and above
Changed function check_input($value) to function check_input($con,$value)
Changed $value = "'" . mysql_real_escape_string($value) . "'"; to $value = "'" . mysqli_real_escape_string($con,$value) . "'";
Changed $uname=check_input($_POST['uname']); to $uname=check_input($con, $_POST['uname']);
(For Less-18 the password section will also need to be changed as well)
thank you @Sobitan I had modified everything in the sqlconnections dir but I hadn’t modified in the less-'s and yes it runs successfully :)
Hi Audi,
I am trying to install this using git clone and when I try to initiate the DB Reset I am not getting anything. And apache logs are giving me below::1 - - [13/Jun/2017:14:18:13 -0400] "GET /sqli-labs/sql-connections/setup-db.php HTTP/1.1" 500 848 "http://localhost/sqli-labs/" "Mozilla/5.0 (X11; Linux i686; rv:45.0) Gecko/20100101 Firefox/45.0"
I tried everything and seems not working. Any hints on solving this ? Thanks
https://www.youtube.com/watch?v=-lmUtYWfTWU
hope this video helps u... it worked for me
Welcome Dhakkan
SETTING UP THE DATABASE SCHEMA AND POPULATING DATA IN TABLES:
I can only see this thing on my screen , I am not able get them even i am not able to get the error too and i am using php5.6.36
I had a similar issue, just go to the database config file and change the password to blank again. Or just check once again if the server is set to localhost or whatever port you are using. Lmk if it works (:
Hey pythonmaster41,
I would recommend you to use the new generation installer, which is docker. The link you may need is here : https://github.com/tuxotron/Audi_SQLi_lamp_container/tree/master/Audi_SQLi_lamp_container
Fixed all issues. Thanks !