HellBound Hackers | Challenges | Basic

Page 3 of 3 < 1 2 3
Author

RE: basic 21


Posted on 22-04-07 15:24
Why would it matter if you have posted that? It's not a spoiler or even a tutorial.


Author

RE: basic 21


Posted on 22-04-07 15:27
Good point...I don't really know how much help you can give on these forums..as you can see, I don't post much, just do the challenges.


Author

RE: what next?


Posted on 22-04-07 20:25
Hello,

I was able to get the names of all columns, but I'm still failing to extract the password from the database.

I've tried the UNION command with NO effect.
And the paper about Advanced-SQL-Injection also did not help me much.

I need to be pointed in the right direction.

Any help will be greatly appreciated! :)


Author

RE: basic 21


Posted on 22-04-07 21:21
The answer is right there in the whitepaper....

After you've found out what columns exist in the table, you need to find a way to enumerate values from those columns. The problem with the login page is that it is not designed to return the values that you've queried, just allow access to a user that has credentials in the table. In that case, we need to be able to find a way to get data from the tables. We do that by enumerating values through syntax errors.

After the section in the whitepaper that shows you how to enumerate the column names, read further on how to create type conversion errors... Once you know how to do that, you can enumerate the usernames and passwords through error messages. The answers are in there... just read a little further down :)
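
The point made in the post above, seen from the defending side, as an added example that is not part of the original thread or the challenge's code: a login page that returns no query results still leaks through its error messages if raw database errors reach the client. SQLite stands in for the MSSQL backend, and the table, data and function names are constructed for illustration.

```python
import logging
import sqlite3

log = logging.getLogger("login")  # hypothetical server-side logger

def make_db():
    # Constructed sample data; SQLite stands in for the MSSQL backend,
    # and a real table would hold password hashes, not plaintext.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'constructed-secret')")
    return db

def login_verbose(db, username, password):
    """Before: concatenated SQL, raw engine error echoed to the client."""
    sql = ("SELECT 1 FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    try:
        row = db.execute(sql).fetchone()
    except sqlite3.Error as exc:
        return "database error: %s" % exc  # engine text reaches the client
    return "welcome" if row else "login failed"

def login_hardened(db, username, password):
    """After: bound parameters, one generic failure, detail kept in logs."""
    try:
        row = db.execute(
            "SELECT 1 FROM users WHERE username = ? AND password = ?",
            (username, password)).fetchone()
    except sqlite3.Error:
        log.exception("login query failed")
        return "login failed"
    return "welcome" if row else "login failed"

def compare(username, password):
    """Return (verbose_response, hardened_response) for the same input."""
    db = make_db()
    return (login_verbose(db, username, password),
            login_hardened(db, username, password))

if __name__ == "__main__":
    # A surname with an apostrophe is enough to break the concatenated query.
    for user, pw in [("alice", "constructed-secret"), ("o'brien", "x")]:
        print(user, "->", compare(user, pw))
```

The hardened handler gives the client the same response for a wrong password and for a query failure, so the error channel the post describes carries nothing.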


Author

RE: basic 21


Posted on 22-04-07 22:04
the paper is good; it helped me complete the challenge


Author

RE: basic 21


Posted on 23-04-07 01:50
contmp wrote:
Hello,

I was able to get the names of all columns, but I'm still failing to extract the password from the database.

I've tried the UNION command with NO effect.
And the paper about Advanced-SQL-Injection also did not help me much.

I need to be pointed in the right direction.

Any help will be greatly appreciated! :)


i had this same problem. try doing different amounts of 1's (another bug, i think)


Author

RE: basic 21

korg
Admin from hell



Posts: 2798
Location: ENDING YOUR ONLINE EXPERIENCE!
Joined: 01.01.06
Rank:
God
Posted on 23-04-07 03:11
It's not a bug. Do some research on MSSQL tables and you'll get it. The white paper gives a lot of spoilers :O


i57.photobucket.com/albums/g215/korg1269/shodan13.jpg

I deal in pain, All life I drain, I dominate, I seal your fate.
Author

RE: basic 21


Posted on 23-04-07 03:44
i remember the username select had a different amount of 1s than the password, i spent a while figuring that out.


Author

RE: basic 21


Posted on 23-04-07 06:05
this chall was really hard


Author

RE: basic 21


Posted on 25-04-07 21:04
LanceUppercut wrote:
The answer is right there in the whitepaper....

After you've found out what columns exist in the table, you need to find a way to enumerate values from those columns. The problem with the login page is that it is not designed to return the values that you've queried, just allow access to a user that has credentials in the table. In that case, we need to be able to find a way to get data from the tables. We do that by enumerating values through syntax errors.

After the section in the whitepaper that shows you how to enumerate the column names, read further on how to create type conversion errors... Once you know how to do that, you can enumerate the usernames and passwords through error messages. The answers are in there... just read a little further down :)


thanx for the reply, but still the damn challenge is giving me a headache. the damn username query has to be very specific. for example in previous part h*v*n* 1=1 worked but 2=2 did NOT. i know that's probably because it is simulated, but still wtf! :-(


Author

RE: basic 21

synstealth
PHP WARRIOR


Posts: 807
Location: /etc/shadow
Joined: 30.11.04
Rank:
God
Posted on 27-04-07 02:04
very interesting, easily missed on syntax


know where to Look
Author

RE: basic 21


Posted on 03-05-07 07:48
really the article posted by LanceUppercut gives a lot of clues.
Author

RE: basic 21

regret
Member



Posts: 144
Location: edge of existence...
Joined: 16.10.06
Rank:
Apprentice
Posted on 13-05-07 15:34
That is actually one of the more well written articles out there on Advanced SQL Injection. The format it was done in makes it a lot easier to read than your standard website text.


www.hellboundhackers.org/sig/r/12852.png
I am the machine that reveals the truth to you as only I can see it.

Memories are nice, but that's all they are....memories.

You can't ever find a place that's nice and peaceful, because there isn't any. You may think there is, but once you get there, when you're not looking, somebody'll sneak up and write 'Fuck you' right under your nose.
di3m0nd6ack www.regretexistence.com
Author

RE: basic 21


Posted on 19-10-07 19:32
Beat it. Loved it. Begging for more.


