# SQLi testing labs

You can use this script to spin up four databases, MySQL, Oracle, SQL Server and PostgreSQL. It's useful for:

* Learning SQL
* Testing SQL statements
* Testing SQL injection payloads

```
version: '3'

services:
  mysql:
    image: mysql:8.0
    environment:
      MYSQL_ROOT_PASSWORD: root_password
      MYSQL_DATABASE: test_db
    ports:
      - "3306:3306"

  sqlserver:
    image: mcr.microsoft.com/mssql/server:2019-latest
    environment:
      SA_PASSWORD: "Strong!Passw0rd"
      ACCEPT_EULA: "Y"
    ports:
      - "1433:1433"

  postgres:
    image: postgres:13
    environment:
      POSTGRES_PASSWORD: root_password
      POSTGRES_DB: test_db
    ports:
      - "5432:5432"

  oracle:
    image: oracleinanutshell/oracle-xe-11g
    environment:
      ORACLE_ALLOW_REMOTE: "true"
      ORACLE_DISABLE_ASYNCH_IO: "true"
      ORACLE_ENABLE_XDB: "false"
    ports:
      - "1521:1521"
```

## Quick start

### Postgresql

Connect to PostgreSQL.

```
psql -h localhost -p 5432 -U postgres -W
```

Common commands.

```
# List databases
\l
\list

# Connect to a database
\c <database>

# List tables
\dt

# Basic query
SELECT * FROM <table-name>;
```

### MySQL

Connect to MySQL.

```
mysql -h localhost -P 3306 -u root -p
```

Common commands.

```
# List databases
SHOW DATABASES;

# Connect to a database
USE <database>;

# List tables
SHOW TABLES;

# Basic query
SELECT * FROM <table-name>;
```

### Oracle

Connect to Oracle.

{% hint style="info" %}
You can install the oracle client and configure it locally on your Kali machine, but it's easier to just connect to the container and work locally there.&#x20;
{% endhint %}

```
# Connect to your container
sudo docker ps -a
sudo docker exec -it <container-id> bash

sqlplus system/oracle@localhost:1521/xe
```

Common commands.

```
# List tables
SELECT table_name FROM user_tables;

# Basic query
SELECT * FROM table_name;
```