Follow us on Twitter!
Never in the field of human conflict was so much owed by so many to so few. - Winston Churchill
Wednesday, May 04, 2016
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 25
Guests Online: 15
Members Online: 10

Registered Members: 93518
Newest Member: sandeepsurya
Latest Articles
View Thread

HellBound Hackers | Challenges | Basic

Author

basic 21, my sql code should extract the password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 22-04-10 23:18
I can extract the username, so it is printed out in an error message. When I replace the name of the username column, with the name of the password column, it doesnt error. Which it should have, just like when the username got printed out.

Got any hints for me? Smile
Author

RE: the whitepaper has moved...

C4741ysT
Member

Your avatar

Posts: 2
Location:
Joined: 01.01.11
Rank:
Guest
Posted on 09-02-11 21:13
the paper that is essential to completing this mission has been moved/retitled: http://www.nccgro. . ..sflb.ashx.

This mission was probably the best and most educational one I've done so far out the basic challenges. Thanks to whoever coded it.
http://www.catalyst.hack-inter.net
Author

RE: basic 21, my sql code should extract the password


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-09-11 20:25
the script you used to find the username is similar but not the same as the one you need for the password. Examine the whitepaper closely because if you found the username then your not too far off from the password.

Good luck

p.s. it's not too hard so don't look into it too much
Author

RE: basic 21, my sql code should extract the password

splext
Member

Your avatar

Posts: 2
Location:
Joined: 24.10.15
Rank:
Wiseman
Posted on 24-10-15 18:27
C4741ysT wrote:
the paper that is essential to completing this mission has been moved/retitled: http://www.nccgro. . ..sflb.ashx.

This mission was probably the best and most educational one I've done so far out the basic challenges. Thanks to whoever coded it.


The paper has been moved again. Anyone know where it has gone?
Author

RE: basic 21, my sql code should extract the password

rex_mundi
☆ Lucifer ☆



Posts: 1956
Location: Scotland
Joined: 20.02.08
Rank:
God
Posted on 25-10-15 03:52
https://sparrow.ece.cmu.edu/group/731-s11/readings/anley-sql-inj.pdf
U N ⓡⓔⓧ_ⓜⓤⓝⓓⓘ
Author

RE: i met this problem too

8289104
Member

Your avatar

Posts: 2
Location:
Joined: 20.01.16
Rank:
Newbie
Posted on 21-01-16 09:51
i met this problem too, can anyone help?
Author

RE: basic 21, my sql code should extract the password

Huitzilopochtli
Member



Posts: 1380
Location:
Joined: 19.02.13
Rank:
God
Posted on 22-01-16 03:06
Read the pdf again, everything you need to complete this one is in there.

Edited by Huitzilopochtli on 23-01-16 00:03
Author

RE: basic 21, my sql code should extract the password

sangantnk8
Member

Your avatar

Posts: 5
Location:
Joined: 31.01.16
Rank:
Hacker Level 2
Posted on 04-02-16 12:27
i'm stuck on this chall. i tried to use all sql injection i know and read this paper. so i can't create a error "convert". anyone who give me any hint or any document about it.
PS:/ i searched google about Error Based SQL Injection!!! (Stuck!!!!)
Author

RE: basic 21, my sql code should extract the password

MrCyph3r
npm ERR!



Posts: 783
Location:
Joined: 09.08.14
Rank:
God
Posted on 04-02-16 23:38
The link posted by rex_mundi contains everything you need to solve this challenge. look a few posts above yours Thumbs Up
Author

RE: basic 21, my sql code should extract the password

Huitzilopochtli
Member



Posts: 1380
Location:
Joined: 19.02.13
Rank:
God
Posted on 06-02-16 04:16
Top Tip:
If you're copying and pasting it direct from the pdf, and you don't get the error message it tells you in the whitepaper, it doesn't mean the injection is wrong, or has suddenly stopped working, it means you need to learn how to copy and paste better.

True story bro. Thumbs Up