所需系统:
本地os:win10
服务端os:centos7
使用到的工具
xftp7(上传文件)下载链接:https://www.netsarang.com/zh/downloading/?token=QlQxZlpkX2k1bkcySFFmT2h3amFOUUBueE8wcUNmYVZtaXNEbDZMX3N5Nnd3
sqli-labs下载:https://github.com/Audi-1/sqli-labs
使用LNMP_web集成开发环境,LNMP安装
LNMP安装教程:https://lnmp.org/install.html
lnmp安装完成后会提示MySQL密码,默认是安装时候输入的root密码:
MySQL/MariaDB root password: yourrootpassword
然后默认安装,等待即可,出现下图说明安装完成。
将下载好的sqli-labs-master文件上传到/home/wwwroot/default/目录
解压缩上传的文件:
unzip sqli-labs-master
修改SQL连接密码
cd /home/wwwroot/default/sqli-labs-master/sql-connections
修改此目录下的db-creds.inc文件
1 <?php 2 3 //give your mysql connection username n password 4 $dbuser =‘root‘; 5 $dbpass =‘yourrootpassword‘; 6 $dbname ="security"; 7 $host = ‘localhost‘; 8 $dbname1 = "challenges"; 9 10 11 12 ?>
接着运行setup-db.php:
php setup-db.php
运行失败,提示:
PHP Warning: mysql_connect(): Access denied for user ‘root‘@‘localhost‘ (using password: YES) in /home/wwwroot/default/sqlilabs/sql-connections/setup-db.php on line 29 [*]...................Could not connect to DB, check the creds in db-creds.inc: Access denied for user ‘root‘@‘localhost‘ (using password: YES) 切换到root用户,还是运行失败。
解决方法:
修改MySQL密码:
mysql -uroot -p
接着输入密码,
mysql> use mysql; mysql> UPDATE user SET password=PASSWORD(‘mypassword‘) WHERE user=‘root‘; mysql> FLUSH PRIVILEGES; mysql> quit;
再一次php setup-db.php:
················省略 [*]...................Old database ‘SECURITY‘ purged if exists<br><br> [*]...................Creating New database ‘SECURITY‘ successfully<br><br> [*]...................Creating New Table ‘USERS‘ successfully<br><br> [*]...................Creating New Table ‘EMAILS‘ successfully<br><br> [*]...................Creating New Table ‘UAGENTS‘ successfully<br><br> [*]...................Creating New Table ‘REFERERS‘ successfully<br><br> [*]...................Inserted data correctly into table ‘USERS‘<br><br> [*]...................Inserted data correctly into table ‘EMAILS‘<br><br> ················省略 [*]...................Old database purged if exists<br><br> [*]...................Creating New database successfully<br><br> ················省略 [*]...................Creating New Table ‘DCZUIX6QIR‘ successfully<br><br> [*]...................Inserted data correctly into table ‘DCZUIX6QIR‘<br><br> [*]...................Inserted secret key ‘secret_Z1FL‘ into table <br><br> ················省略
结果如下图: