fallenonehf
9 years ago

0

Very cool that there are new levels, but I don’t understand anything of SQL..
The first level I completed by reading 4-5 tutorials on google, after thinking I managed to get in.
This level it’s much harder for me I don’t know what to do. I go to the members list, read source but can’t find anything. I also didn’t find any useful name, and tried editing URL but just don’t come out.
I really like this, but I have no idea what to do.

Can you guys help me by giving a hint ( I don’t want answers, otherwise all the fun will go :( )

40replies
16voices
357views
Luke [flabbyrabbit]
9 years ago | edited 9 years ago

0

The second level is orders of magnitude harder than the first. My suggestion is to do as you have been, concentrating on the browse members portion of the level. You are on the right lines with the URI keep changing that and see what results you get. Seeing as you don’t have much knowledge about SQL I would suggest doing some serious research into some more complex statements available.

The vulnerability should be fairly straight forward to find but how to exploit it is a bit more tricky.

Kabue
9 years ago | edited 9 years ago

0

^_^ nice atitude.
I found this TUT on Hackforums, but you have to be registered to read it…. If you aren’t, just tell me, and I’ll try to find another one…. But this tutorial really teach it simple, and easy. So it’s really good.

For later:

http://www.mediafire.com/?td99j9qwzhbfp06

Hope you can do it ;).
-Kabue

fallenonehf
9 years ago | edited 9 years ago

0

@Flabbyrabbit, what I have to do is more vivid now thanks! I’m gonna keep searching on the internet
@Kabue Yes I have an account on hf, thanks for sharing bro will read this first!
edit: I read that sort of injection already but in the url it says: browse&q=a
so how am I suppose to inject it here..

Kabue
9 years ago

0

If you have read all there is in that tutorial, then the SQLi 2 should be a piece of cake for you ;). It’s all about how to inject in something looking like browse&q=a ^_^
-Kabue

fallenonehf
9 years ago

0

Haha alright!
I’m gonna try to guess this on my own with only this tutorial, gonna make things more spicy!

#RS69 [Rs69]
9 years ago

0

SQLi i’m also don’t understand about it. :-)

fallenonehf
9 years ago

0

So didn’t I! But as your bio says ‘i believe. i can do anything what i want if i try to get it’
you gotta do it! read the post of flabbyrabbit, maybe it can help you!

#RS69 [Rs69]
9 years ago

0

oke oke.. :-D i’ll learn how to complete on this level. keep spirit masbro sisbro.. :-D

fallenonehf
9 years ago

0

mweh.. I can’t even find the url that I have to exploit what’s this..

daMage
9 years ago

0

The link you’re looking for is on the level page :)

fallenonehf
9 years ago

0

I’m close to finishing this level :D

???Roun512 [roun512]
9 years ago

0

hehe we all are close :) but cant find it :D

daMage
9 years ago

0

It’s not as hard as you think…

???Roun512 [roun512]
9 years ago

0

i know ! You finished it in like 2 mins ! but iam looking :D

fallenonehf
9 years ago

0

I try: ( don’t read it if you want to solve it on your own.)

http://www.hackthis.co.uk/levels/s2.php?browse&q=a' order by 3–
I get:
ORDER BY column number 10 out of range - should be between 1 and 2
DEBUG: SELECT username, admin FROM members WHERE username LIKE ‘a’ order by 10–%'

then I try:
http://www.hackthis.co.uk/levels/s2.php?browse&q=a' union select 1,2–
but I get nothing.. just blank. I tried to change it to:
q=-a union select 1,2–
q=‘a union select 1,2–
q='a’ union select 1,2–
and many more.. but I get nothing. I have readed the error carefully but still nothing!
i only know sql injections with index.php?id=1' but not with a letter..

anyone help/hints?? I don’t want answers it took me 1 hour to figure out the vulnerability..
I still want the fun in it.


0

Just email Flabby or DaMage saying you are the FBI and need the username/password for this level. Problem solved

[deleted user]
9 years ago

0

@Ski900: You’re funnily =))

heavenlyMe
9 years ago

0

@fallenonehf after you know about the table names and column names. Try to figure out how to display the record. And the rest is be a creative hacker :).
It’s important to know basic understanding about sql syntax. Beside that you should know how to understand the triggered error message. After that all you have to do is exploit it.

fallenonehf
9 years ago

0

@Ski, i’m not here to be the best. I’m here to learn.

@Heavenlyme, I’m gonna try some other things out,.
Yeah I noticed.. SQL is important, but no worries i’ll learn it soon or later :D


0

@fallen, never said you were! I am having just as much trouble with this level as you are lol. I have been studying my ass off trying to complete it.

???Roun512 [roun512]
9 years ago

0

@Ski900 : hehe Nice one :D :D When You complete it u will know that its easy :)


0

Lol, I am sure i’ll be like, wtf. However, right now, my issue whether I need to use a “php?id=(some number) or if I can just stick with browseq=… After that I should be golden if that is the direction this level heads.

???Roun512 [roun512]
9 years ago

0

yes stick to browse?q= :D :D


0

Lol, the best thing about this is it’s new! There aren’t too many spoilers.

???Roun512 [roun512]
9 years ago

0

hehe yes first 2 days i waited someone to post topic about it ! ! ! but the way i solve it u must understand sql in my way in others i dnt know :)


0

lol, back to the chalk boards.

???Roun512 [roun512]
9 years ago

0

hehe its old Days :P


0

!!! lol, why am I not able to connect the dots?!?!?! I need to work on calc homework, but this shit is BOTHERING me that I can’t figure this out haha!!!

???Roun512 [roun512]
9 years ago

0

:P :P :P what do u mean :P ? :D :D

fallenonehf
9 years ago

0

haha don’t worry, by trying new things you learn.

la100cia
9 years ago

0

SQL Level 2 Scare the crap out the toilet!


0

Dots connected. Had words swapped lol

Neo [fuat]
9 years ago

0

What is the Username and Password??


0

Nobody is gonna give you answers. Do it on your own

Thomas [25thomasoooo]
9 years ago

0

i got this symtex error message but i dont know what do with it

DEBUG: SELECT username, admin FROM members WHERE username LIKE ‘a’ UNION SELECT 1,2/.%‘%’
near “.”: syntax error

Wibben
9 years ago | edited 9 years ago

0

I used union all select 1,2– and it returned 1, then I did union all select 1,2 from members and it returned a bunch of 1s. what am i supposed to do now?

Kabue
9 years ago | edited 9 years ago

0

Well why did you input union all select 1,2–??
When you know why you did that, you also know what the number 1 means. And then you need to figure out how to exploit it….. Try to read some tutorials or info about SQLi.
Edit: you don’t need to find the Version to finish this level, so just skip that.
Good luck ;)
-Kabue

teunissenstefan
9 years ago

0

I know SQL when I’m programming with PHP, but i don’t understand shiiiit of lvl 2

malingas
9 years ago

0

i don’t know what to do. Plz help

[deleted user]
9 years ago

0

The SQLi part itself seemed easy enough after learning how to inject it into the URL bar. I sort of found it harder to get the password, I spent a while searching for reverse lookups on the net. One of the other users gave me a link to find the plaintext password. :)

You must be logged in to reply to this discussion. Login
1 of 41

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss