Dashboard Articles Playground Discussions More
Follow

SQL injection

testing935
7 years ago

0

Hello guy,

I’m on a chall on SQL Authentification,

for finish the chall, I must attack “admin” login, so in login, I enter
‘admin’
and in password I enter :
‘ OR WHERE username='admin’ LIKE password –

Who can help me ?

 

Add me on hackthis

Or speak with me on IRC channel : https://www.hackthis.co.uk/irc/

Try to Ddos me, My ip : 127.0.0.1

14replies
6voices
366views
? [bolofecal]
7 years ago

0

SELECT * FROM users WHERE username='admin' AND password='' OR WHERE username='admin' LIKE password --'

You know SQL?

 

?

Image

testing935
7 years ago

0

a Little Bit, I begin on start of the week

 

Add me on hackthis

Or speak with me on IRC channel : https://www.hackthis.co.uk/irc/

Try to Ddos me, My ip : 127.0.0.1

dloser
7 years ago

0

[quote=testing935]‘ OR WHERE username='admin’ LIKE password –[/quote]
I’m not sure anyone can help you…

? [bolofecal]
7 years ago

0

To inject you need a correct syntax and your syntax is something wrong like

SELECT WHERE username AND password LIKE 1 OR INNER ORDER LIKE JOIN BY

Keep training SQL

 

?

Image

Darwin [DIDIx13]
7 years ago

0

But you already done SQLi 1 and 2 :s

 

Message me anytime!

testing935
7 years ago

0

SQLite3 DIDIx13

 

Add me on hackthis

Or speak with me on IRC channel : https://www.hackthis.co.uk/irc/

Try to Ddos me, My ip : 127.0.0.1

Darwin [DIDIx13]
7 years ago | edited 7 years ago

0

I’ve seen this in python maybe ?

 

Message me anytime!

testing935
7 years ago

0

I thonk no it’s challenge on SQL authentification web

 

Add me on hackthis

Or speak with me on IRC channel : https://www.hackthis.co.uk/irc/

Try to Ddos me, My ip : 127.0.0.1

Darwin [DIDIx13]
7 years ago

0

A Link maybe ?

 

Message me anytime!

testing935
7 years ago

0

http://challenge01.root-me.org/web-serveur/ch9/

 

Add me on hackthis

Or speak with me on IRC channel : https://www.hackthis.co.uk/irc/

Try to Ddos me, My ip : 127.0.0.1

f0rk [HackingGuy]
7 years ago

2

:|

I think you mean this.

Although, if you say that you’re learning SQL, perhaps attempt to look at syntax rules and documentation before posting to an online forum with code that is clearly incomprehensible.

This, this, and this helped me learn the bare minimum when it comes to SQL.
Any further questions can be answered by Google.

 

There’s no place like 127.0.0.1

testing935
7 years ago

0

Thank HackingGuy

+1

 

Add me on hackthis

Or speak with me on IRC channel : https://www.hackthis.co.uk/irc/

Try to Ddos me, My ip : 127.0.0.1

Ghostboy-287 [ghost-287]
7 years ago

0

i didn’t need any ue or pd to complete it :) just need c**s and a tl

Darwin [DIDIx13]
7 years ago

0

Hello,

Can you be more explicit please ?

 

Message me anytime!

You must be logged in to reply to this discussion. Login
1 of 15

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss