Skip to content

CyberCTF/mysql_error_based_-_group_by-Flask-Default

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
.github/workflows
.github/workflows
 
 
build
build
 
 
deploy
deploy
 
 
docs
docs
 
 
test
test
 
 
README.md
README.md
 
 
done.md
done.md
 
 

Repository files navigation

MySQL Error-Based SQL Injection via GROUP BY (Business Lab)

Description

Simulate a real-world pentest where you exploit a GROUP BY-based SQL injection to leak sensitive MySQL schema details using error-based techniques in a business product catalog application.

Objectives

  • Identify and test SQL injection points.
  • Exploit GROUP BY to trigger informative MySQL error messages.
  • Extract backend technology information (MySQL version) via crafted errors.

Difficulty

Intermediate

Estimated Time

45 minutes

Prerequisites

  • Basic knowledge of SQL syntax and injection attacks
  • Familiarity with HTTP requests and web debugging
  • Comfort with error message analysis

Skills Learned

  • Error-based SQL injection with GROUP BY
  • Interpreting MySQL error messages for information extraction
  • Payload crafting for information disclosure

Project Structure

  • folder: build
  • folder: deploy
  • folder: test
  • folder: docs
  • file: README.md
  • file: .gitignore

Quick Start

Prerequisites: Docker and docker-compose installed locally.

Installation:

  1. Clone the repo
  2. Run docker-compose up
  3. Access http://localhost:3206/lab

Issue Tracker

https://github.com/Cyber-Library/issues

About

CyberCTF Lab: mysql_error_based_-_group_by on Flask Default

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages