Join us on Slack!
Understanding is the answer, hatred is the problem, and hackers are the slaves abused and destroyed in the process of peace online - Deshouleres
Wednesday, November 13, 2019
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 55
Guests Online: 53
Members Online: 2

Registered Members: 119849
Newest Member: YuliaBen
Latest Articles
View Thread

HellBound Hackers | Challenges | Basic

Author

Basic 18

Celahirius
Member

Your avatar

Posts: 2
Location:
Joined: 10.02.15
Rank:
Moderate
Posted on 13-02-15 10:33
I have no idea what to do.
I have found out (using O**** BY command) how many columns there are.
Now I'm trying to execute this:
/index.php?id=1 U**** A** S***** *, ****, ****, ****, **** F*** Article

According to few threads it should work, but it doesn't.

Edited by rex_mundi on 13-02-15 11:43
Author

RE: Basic 18

Huitzilopochtli
Member



Posts: 1624
Location:
Joined: 19.02.13
Rank:
God
Posted on 13-02-15 11:20
Weird way of doing it.

Don't leave spaces between columns and check the table name Thumbs Up

Edited by Huitzilopochtli on 13-02-15 11:26
Author

RE: Basic 18

Celahirius
Member

Your avatar

Posts: 2
Location:
Joined: 10.02.15
Rank:
Moderate
Posted on 13-02-15 11:29
Ok, solved. Thx
BTW. why I must put nulls everywhere? "*" wasn't working.
Author

RE: Basic 18

Huitzilopochtli
Member



Posts: 1624
Location:
Joined: 19.02.13
Rank:
God
Posted on 13-02-15 11:42
There was no need to use any nulls, as you already knew how many columns there were , you could have just used numbers.

As for the wildcards, * can only be used as a wildcard in a full text search, while % (match 0 or more characters) and _ (match exactly one character) are only applicable in LIKE-queries.

Edited by Huitzilopochtli on 13-02-15 11:46