• Name: Pentester Lab: CVE-2012-2661: ActiveRecord SQL injection
• Date release: 12 Jun 2012
• Author: Pentester Lab
• Series: Pentester Lab
• Web page: http://www.pentesterlab.com/exercises/cve-2012-2661/

• cve-2012-2661_i386.iso (Size: 330 MB)
• Download: https://ptl.io/cve-2012-2661_i386.iso
• Download (Mirror): https://download.vulnhub.com/pentesterlab/cve-2012-2661_i386.iso

• _cve-2012-2661.iso (Size: 332 MB)
• Download (Mirror): https://download.vulnhub.com/pentesterlab/cve-2012-2661.iso

Difficulty

Advanced

Details

This exercise explains how you can exploit CVE-2012-2661 to retrieve information from a database.

What you will learn?

• Exploiting CVE-2012-2661
• Time based SQL injections

• Filename: cve-2012-2661_i386.iso
• File size: 330 MB
• MD5: 45F7408ED83F5C152CEE983134C2343E
• SHA1: 4C4DA9968C1D4C07A462CD1AF48EC350B9B87A57
• Filename: _cve-2012-2661.iso
• File size: 332 MB
• MD5: A5BD831460A221867CCA8489D47C9D45
• SHA1: 452A43B6A6E9462A0E11DFB7A5D623942413457B

Checksum

×

To make sure that the files haven't been altered in any manner, you can check the checksum of the file.
This makes sure that the you have acquired the same file which was transferred to you, without being modified/changed/damaged.

Some authors publish the checksums in the README files, on their homepages or sometimes inside compressed archive (if it has been compressed).
VulnHub also lists the MD5 & SHA1 checksums for every file which it offers to download, allowing you to check. You can find all the checksums here, otherwise, they will be individually displayed on their entry page. To check the checksum, you can do it here.

You can find out how to check the file's checksum here.

• Format: Disk Image (.ISO)
• Operating System: Linux

• DHCP service: Enabled
• IP address: Automatically assign

• 12 Jun 2012 - CVE-2012-2661: ActiveRecord SQL injection (Pentester Lab)