Follow us on Twitter!
Become the change you seek in the world. - Gandhi
Monday, April 21, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 27
Guests Online: 24
Members Online: 3

Registered Members: 82857
Newest Member: varshith_kh
Latest Articles
View Thread

HellBound Hackers | Challenges | Basic

Page 2 of 2 < 1 2
Author

RE: BASIC 21

hawkster
Member

Your avatar

Posts: 10
Location: Burbank and Irvine, California
Joined: 16.08.06
Rank:
Guest
Posted on 13-10-08 08:09
Ugh, I can't get the stupid password out of the SQL injection. I've enumerated the field names from the table and even got the username itself, but I can't seem to get the password. Trying to get the password in the same way as the username with the same format (just changing the field name) doesn't seem to work as I just get that "Username/password was not found in DB" error.

Any ideas what the hell we're supposed to do for the final query?

I have to admit, I'm getting pretty pissed off. :xx:

Edited by hawkster on 13-10-08 08:11
KaneFanDX@aol.com hawkster9542
Author

RE: BASIC 21


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-10-08 17:19
http://www.ngssof. . .ection.pdf

This will give you the solution!! Wink


Author

RE: BASIC 21

hawkster
Member

Your avatar

Posts: 10
Location: Burbank and Irvine, California
Joined: 16.08.06
Rank:
Guest
Posted on 13-10-08 19:18
Thanks for the whitepaper, Cypher, but that's the exact thing I've used to get to the point I'm at now Wink

I've looked at the method to grab the password once you have the username, but I can't get it to work for me. I'm going to keep at it again today and see if I can come up with anything... I did 15 of the 16 JavaScript challenges to try to take my mind off it, but when I was done it was 3 AM and I couldn't think any longer Grin


~ Paranormal investigator and software developer ~

www.hellboundhackers.org/sig/r/10896.png
KaneFanDX@aol.com hawkster9542
Author

RE: BASIC 21


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-10-08 19:52
hawkster wrote:
Thanks for the whitepaper, Cypher, but that's the exact thing I've used to get to the point I'm at now Wink

The great thing about that whitepaper is that it also explains how and what its doing, rather than just giving query snippets. Understand how it's enumerating and finding specific parts of the table, then apply different methods of doing so (with your particular aim in mind) until one works.


Author

RE: BASIC 21

hawkster
Member

Your avatar

Posts: 10
Location: Burbank and Irvine, California
Joined: 16.08.06
Rank:
Guest
Posted on 13-10-08 19:55
That's the thing I loved about it; it was actually interesting to read and provided helpful insights. Looking at the methods I had a lot of "why didn't I think of that?" moments and then was ecstatic when they actually worked.

When (not if) I figure out what I'm doing wrong, I'll be very, very happy. I've got nothing else interesting to do today so I might as well Grin

~Hawk


~ Paranormal investigator and software developer ~

www.hellboundhackers.org/sig/r/10896.png
KaneFanDX@aol.com hawkster9542
Author

RE: BASIC 21

yours31f
Member



Posts: 1678
Location: Dallas Texas
Joined: 27.04.07
Rank:
Elite
Posted on 13-10-08 20:11
hawkster wrote:


I have to admit, I'm getting pretty pissed off. :xx:



Allow me to help you with that.

imagecache2.allposters.com/images/GAL/SPSSR.jpg


Debugging is what programmers do to beta software to make it take up more room on your hard drive if it is running too efficiently.


img259.imageshack.us/img259/3713/sigr.png

yours31f@live.com yours31f@yahoo.com rpwd.info
Author

RE: BASIC 21

hawkster
Member

Your avatar

Posts: 10
Location: Burbank and Irvine, California
Joined: 16.08.06
Rank:
Guest
Posted on 13-10-08 20:37
Heh heh heh... that would have helped quite a bit at the gathering I was at the other night.

If I haven't dented my wall yet, I'm sure on the verge of it Grin

~Hawk


~ Paranormal investigator and software developer ~

www.hellboundhackers.org/sig/r/10896.png

Edited by hawkster on 13-10-08 20:37
KaneFanDX@aol.com hawkster9542
Author

RE: BASIC 21


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-10-08 13:39
The nice thing about this whitepaper is that it give u the solution!! Wink


Author

RE: BASIC 21


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-10-08 14:35
Cyph3rHell wrote:
The nice thing about this whitepaper is that it give u the solution!! Wink

That's not a nice thing... What's the point of doing a challenge if you're going to be spoonfed the answer? Personally, I'd rather be giving the information to learn the subject, then derive the solution from there. Having a challenge based 100% off of a whitepaper is silly and pointless.


Author

RE: BASIC 21


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-10-08 14:45
Zephyr_Pure wrote:
That's not a nice thing... What's the point of doing a challenge if you're going to be spoonfed the answer? Personally, I'd rather be giving the information to learn the subject, then derive the solution from there. Having a challenge based 100% off of a whitepaper is silly and pointless.


I agree! But to beat a chall u must know where to look... even if u have a withepaper because some people want to beat a chall without making efforts, this is why some ppl still stuck in this chall!


Author

RE: BASIC 21


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-10-08 14:58
Cyph3rHell wrote:
I agree! But to beat a chall u must know where to look... even if u have a withepaper because some people want to beat a chall without making efforts, this is why some ppl still stuck in this chall!

The challenge could've been made without following a whitepaper word for word... by changing up some of the details, it could've been helped by the whitepaper, but not completely spoiled. Anyways, I rather enjoy the challenges that leave me stuck for a while; it gives me the chance to explore a new topic and learn, put in some effort, etc. Anyways, this is moot, I suppose... This is a thread for helping with Basic 21, and that whitepaper pretty much does it on its own.


Author

RE: BASIC 21

hawkster
Member

Your avatar

Posts: 10
Location: Burbank and Irvine, California
Joined: 16.08.06
Rank:
Guest
Posted on 14-10-08 18:03
Okay, I can't believe this...

I managed to figure it out today while sitting in my Political Science class. I was making one small error in the password query that wasn't generating what it should have as a result.

Apparently I do better when I'm focused on something else... lol

Thanks for all your help, guys Grin

~Hawk


~ Paranormal investigator and software developer ~

www.hellboundhackers.org/sig/r/10896.png
KaneFanDX@aol.com hawkster9542
Author

RE: BASIC 21


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-10-08 18:09
No prob man, glad that u got it! Wink


Author

RE: BASIC 21


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-01-09 20:18
hawkster wrote:
Okay, I can't believe this...

I managed to figure it out today while sitting in my Political Science class. I was making one small error in the password query that wasn't generating what it should have as a result.

Apparently I do better when I'm focused on something else... lol

Thanks for all your help, guys Grin

~Hawk


Same thing happened to me. I spent maybe two hours reading through SQL pages and the PDF trying to find what I was doing wrong with the syntax. As soon as I get distracted with something at work, bam, I realize the reason my injections were failing was due to an extra, hidden space in the syntax. I'd been one space away for hours. Oy vey. But hey, at least this mission was fun as hell.
Page 2 of 2 < 1 2