Need a BIG spoiler

Xmas '08

DaGr8Kornolio
11 years ago

0

Hey guys,

I have the form but I can’t find out the query… Do you have any more clues for me?!?

I tried :
1=1;
union
copy
user: santa pwd: claus!!!

Damn it! Probably none of my queries were written correctly. I tried to read about this but I can’t find out! Please teach me!

DaGr8

Pawda [Memoria]
11 years ago

0

Once again, I think you are overthinking and also don't really know what query you actually inserted into the system.
Easy way: read the tutorial made by @daMage http://www.hackthis.co.uk/articles/about-sql-injections-with-ms-sql-server
Longer but more interesting way: make your own form, link it to a request on a MySQL database with a basic login table, and try to break it through your requests so you can see what is actually sent to the db.
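
Added example (not part of any post in this thread): a local stand-in for the test form suggested above, using Python's sqlite3 instead of PHP/MySQL so it runs without a server. The table, credentials and function names are constructed; it records the exact SQL text the database receives for a few inputs and compares string concatenation with a parameterized query.

```python
import sqlite3

def make_db():
    """In-memory stand-in for the 'basic login table' (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (user TEXT, pwd TEXT)")
    db.execute("INSERT INTO users VALUES ('admin', 'constructed-pw')")
    return db

def login_concat(db, user, pwd):
    """Vulnerable pattern: input is pasted into the SQL text."""
    sql = f"SELECT user FROM users WHERE user = '{user}' AND pwd = '{pwd}'"
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        # Many login pages hide this and just say "Incorrect login".
        return sql, f"SQL error: {exc}"
    return sql, "logged in" if row else "Incorrect login"

def login_param(db, user, pwd):
    """Hardened pattern: values are bound, never parsed as SQL."""
    sql = "SELECT user FROM users WHERE user = ? AND pwd = ?"
    row = db.execute(sql, (user, pwd)).fetchone()
    return "logged in" if row else "Incorrect login"

# Constructed inputs; the 2nd and 4th reuse attempts quoted in this thread.
ATTEMPTS = [
    ("admin", "wrong"),
    ("admin' and 1=1--", "x"),
    ("admin' and 1=1\u2013", "x"),  # en dash, as rich-text autoformatting produces
    ("admin", "xxx' or 1=1--"),
]

def trace(db):
    """Return (sql_sent, concat_result, param_result) for every attempt."""
    out = []
    for user, pwd in ATTEMPTS:
        sql, concat_result = login_concat(db, user, pwd)
        out.append((sql, concat_result, login_param(db, user, pwd)))
    return out

if __name__ == "__main__":
    for sql, concat_result, param_result in trace(make_db()):
        print(sql)
        print(f"  concatenated: {concat_result} | parameterized: {param_result}\n")
```

SQLite starts a comment at `--` with no trailing space, while MySQL requires whitespace after `--`, so the same input can behave differently on the two engines.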

guuf
11 years ago

0

DaGr8Kornolio, use a similar SQL injection as in SQLi Levels 1&2; the one you used for SQLi Level 1 should work. But that might not be your problem, so here's the thumbnail: save desired source code, access Moderator page (php) through SQL injection, open correct file, exchange source code, save through Directory Traversal (you did this in Real 6). Reward 500 pts! Just over 2000 completed it since 2008. Hmmm! There's a lot here! Very cryptic. Good luck!

DaGr8Kornolio
11 years ago

0

@memoria : Thanks for the comfort. These levels really make me feel stupid. I’ve tried a number of things and I never get anything other than “Incorrect login”. No error message, no output, nothing that could make me think that there is a vulnerability.

Right now I don’t have a linux box at home and it would take too much time to build all this…

I’ve read @damage’s article, it’s really impressive! It’s unbelievable… I wish I could be that great at SQL injection… But I don’t feel like it’s the same as level Xmas… At least I seem to use the good syntax. Here are some of the things I tried… Let me know if I’m on the wrong way…

user field : admin' and 1=1-- FAILED
user field : admin' and '1'='1'-- FAILED
user field : santa' and 1=1-- FAILED
user field : admin; pwd field : xxx' or 1=1-- FAILED
user field : admin' order by 10-- FAILED

@guuf : Thanks for your help. I will go back to SQLi 1 to see what I have missed… Then I’ll try what you propose… Open file? Exchange source code? Through SQLi? Don’t answer if it’s too much of a spoiler… I wish to finish this level before you read those lines…

To all real hackers I meet on this site, thank you Sensei.

DaGr8

DaGr8Kornolio
11 years ago

0

I did the SQLi levels again and yet I have no clue… Going to bed now…

Pawda [Memoria]
11 years ago | edited 11 years ago

0

@DaGr8Kornolio:

“Right now I don’t have a linux box at home and it would take too much time to build all this…”
WAMP is made for Windows and is a “one click” installer to get Apache, MySQL, PHP and phpMyAdmin.

Other way I’m not sure put you try is not a quite big spoiler but anyway none of those looks fine so that’s normal they failed.
It’s not more complicated than sql lvl 1.

DaGr8Kornolio
11 years ago | edited 11 years ago

0

I used OR instead of AND… I don’t understand why they don’t look fine… I tried the same one as in SQLi Level 1.

I will surely install this tomorrow. Your help is much appreciated.

Take care @memoria

Edit: Hey… why did you remove the script???

Pawda [Memoria]
11 years ago

0

After reading other threads in this section, I thought it was maybe too much given :/

oxide
11 years ago

0

Is this for SQL level 1 or 2? Either one, hit me up; they're not too hard. I myself had to reread the forums all over after I figured 2 out to help someone. Just remember that a union injection is used to return data to a vulnerable column, so the amount of queries in the union and the original query must match, I believe.

Abhishek [abhirishi7]
11 years ago

0

I bypassed the login page. I even opened the file. But when I change the contents to anything (even blank) it doesn’t reflect the same, although it says file saved. What should I do now??

guuf
11 years ago

0

abhirishi7, check out my previous Forum Post. It has to be done in the proper sequence and location to be correct! For example, I tried just modifying the website's source code, but this did not complete the level. There is hidden source code that you must replace, using previously learned techniques.

Abhishek [abhirishi7]
11 years ago

0

@guuf Appreciate your help, but I solved it now. I didn't do any directory traversal. What's the need of that? I don't want it to be a spoiler so I will PM you.

Rebellion
11 years ago

0

Go to inspect element and delete all the text, LOL!

Just joking… Sorry, just felt like saying this.

🐉 [Cheerfulbull]
3 years ago | edited 3 years ago | reply to #12358

1

look at this article. please take your time to read it through, it saved me lots of time on sqli

w3schools sql injection

dotnokato
3 years ago | reply to #81110

0

Thanks @Cheerfulbull. Your link helped me to find the working sqli.
