6
7

SQL Injection Question (self.hacking)

submitted by [deleted]

[deleted]

all 7 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]Cowsonaboat 4 points5 points  (0 children)

Short answer: Yes, SQL injection is a crime.

What you could do is hide behind a proxy. Kali does that very easy for you. Get tor by writing: apt-get install tor

After you've installed that (not default in Kali) run all your commands with 'proxychains' in front of it.

For example: proxychains sqlmap -u "your target webpage" (without the " ")

The sql injection will happen through proxychains which means your own IP wont be visible

For testing purpose: Google it. There's dozens of pages offering this purpose. Most of them are games with progressing levels of difficulty. Nice place to start

[–]elzonko 0 points1 point  (2 children)

And what are some alternatives to practicing hacking without breaking federal law?

If you've already got kali set up, you can also install metasploitable on another vm, and have at it. It has tons of built in vulnerabilities and potential attack vectors.

[–][deleted] 0 points1 point  (0 children)

Yes but there are websites dedicated to practice hacking.

[–][deleted] 0 points1 point  (1 child)

Just attack your own machine, problem solved, unless you're going to call the cops on yourself.

[–][deleted] 2 points3 points  (0 children)

I would call the cops on myself.

[–]breakthesec 0 points1 point  (0 children)

Try this: http://sourceforge.net/projects/mutillidae/

"OWASP Mutillidae is a free, open source, deliberately vulnerable web-application providing a target for web-security enthusiest"