presentations/introduction-to-sql-injection/example/README.md

62 lines
1.2 KiB
Markdown
Raw Permalink Normal View History

# Example project of a website including an SQL injection
This implementation is meant to be used for training purposes.
Do not use this code in production or as a blueprint for development!
## Installation
Use python poetry to install dependencies in the following way.
```sh
poetry install
```
Dependencies can be found inside the `./pyproject.toml` file.
After installation has been done, start the flask server.
2024-04-18 15:56:25 +02:00
### Create the Database
Execute the [create_db](./create_db.py) script to setup the database
```sh
python3 ./create_db.py
```
### Run Flask
```sh
poetry run python3 ./flask_sqli.py
```
Now, the website is accessible at [localhost:5000](http://localhost:5000/)
### Manual Installation
If you want to install the dependencies manually use a venv in the following way.
```sh
python3 -m venv venv
source venv/bin/activate
pip install flask
```
2024-04-18 15:56:25 +02:00
### Run Flask After Manual Installation
Start the flask server without poetry in the following way.
```sh
source venv/bin/activate
python3 ./flask_sqli.py
```
2024-04-18 15:56:25 +02:00
## Usage
First start the server, open your browser and open the website on locahost and
the port displayed after starting the flask server. Using the default
configuration of flask, the port is `5000`.
```
http://localhost:5000
```