Exploit KB Vulnerable Web App

During my SQL Injection learning journey I needed a vulnerable web application for practice

I created a WebApp vulnerable to SQL Injection for my personal use, The result was an extremely vulnerable web site which I could test some SQLi techniques against MySQL.

I must confess, I am not a programmer and I have never coded in PHP before, I thought it would be a good practice to develop a PHP based site from scratch in order to learn the basic of PHP and MySQL.

exploit.co.il Vulnerable Web app designed as a learning platform to test various SQL injection Techniques and it is a fully functional web site with a content management system based on fckeditor.

I thought some of you may find it useful so i decided to share it via a SourceForge project page i created for it  at :


The web app is available for download as a source code package or a VMware image.

Please report bugs to:  shai [ a t ] e  x p  l o i t  . c . o . i l

Read Me First

General Information

Installation Notes

Linux Installation

Windows Installation

VMware Image



VMware Image Details:

The VMWare image was built in VMware Workstation 7.1.1 build-282343 and its based on UBUNTU server 10.04 32bit.

Network card is configured in Bridge Mode

IP Address: Assigned by DHCP

Linux,MySQL and PhpMyAdmin Login details:

Username: root

Password: toor

Web App Administration can be found at:


PhpMyAdmin can be found at:


Post to Twitter

Recent Posts