| Author |
Basic 18 boost |
MinDistortionist
Member
Posts: 42
Location:
Joined: 08.11.07
Rank: Monster |
|
Ok. I'm pretty sure I need to blind sql because the page is = to an ID. But this is where I get stuck, I've read a lot of articles about blind sql and they all say the same, so if someone could give me a hint on the next step or something I could read to help me. I don't want a spoiler just a little hint.
~MinDistortionist~ |
|
| Author |
RE: its a Biznitch |
noober
Member
Posts: 177
Location:
Joined: 16.10.07
Rank: Apprentice |
|
|
Basic 18 is a very very very very dirty pirate hooker and pain in the A$$ pm with what your trying and ill push you in the right direction |
|
|
| Author |
RE: Basic 18 boost |
ZvirX
Member
Posts: 101
Location: Class Object
Joined: 03.11.07
Rank: God |
|
You need to know how many columns are there in the table first,
by a specific command , i suggest reading up SQL tutorial in w3schools.
And if you get totally stuck, just read the topics here about Basic 18 there are alot of topics i know, but i remember one of them explained alot of the chall.
Good luck.
|
 ![zVirx[at]hotmail[dot][com]](../fusion_themes/HBH/forum/msn.gif)  
|
| Author |
RE: Basic 18 boost |
MinDistortionist
Member
Posts: 42
Location:
Joined: 08.11.07
Rank: Monster |
|
|
Isn't to find how many columns O**** ** (number till page false)? If so I know how many. |
|
|
| Author |
RE: Basic 18 boost |
Skunkfoot
Member
Posts: 672
Location:
Joined: 01.09.06
Rank: God |
|
read up on your SQL injections:
http://darkmindz.com/article_read.dmz?id=22
http://darkmindz.com/article_read.dmz?id=17
Good luck 
Today a young man on acid realized that all matter is merely energy condensed to a slow vibration, that we are all one consciousness experiencing itself subjectively, that there is no such thing as death, life is only a dream, and we are the imaginations of ourselves.
--Bill Hicks
--=[ Skunkfoot || Temet Nosce ]=--
|
|
|
| Author |
RE: Basic 18 boost |
ZvirX
Member
Posts: 101
Location: Class Object
Joined: 03.11.07
Rank: God |
|
|
MinDistortionist wrote:
Isn't to find how many columns O**** ** (number till page false)? If so I know how many.
Great, now you need to select as many columns you found from the table and since you don't know the name of the columns you use a specific word!
I don't want to spoil it for you .. i'm sure that word is said in the other topics though 
|
|
|
| Author |
RE: Basic 18 boost |
MinDistortionist
Member
Posts: 42
Location:
Joined: 08.11.07
Rank: Monster |
|
|
Alright thanks. |
|
|
| Author |
RE: Basic 18 boost |
Maxxie
Member
Posts: 0
Location:
Joined: 02.12.07
Rank: Newbie |
|
What a crappy chall I entered the worst thing I can think of and it worked  |
|
|
| Author |
RE: basic web 18 |
redhothacker
Member
Posts: 131
Location: Caribbean
Joined: 28.01.07
Rank: God |
|
|
the solution to this challenge is not realistic as the purpose of this challenge is to teach you a hacking technique known as blind sql injection.if you are on the hack thissite .org community and have completed realistic 4 then you should have an idea on how to do this challenge |
|
|
| Author |
RE: Basic 18 boost |
espartaniac
Member
Posts: 7
Location:
Joined: 12.07.11
Rank: Active User
Warn Level: 5
|
|
ok.. finally solved it but I have some doubts:
1) why is this called a ***nd I*******? To me it was like a normal one... except for the use of n***
2) why did it only work with n***?!
3) if I did this IRL, I probably would get an empty page, or am I wrong?
thanks for the tips OP
|
|
|
Main:
