Thursday, August 17, 2017
HellBound Hackers | Challenges | Basic

Author

Basic 8


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 07-04-11 16:56
I've been working on this one for a while now, read all of the articles written about it. I guess I should cover what I already know. This SQL injection is done by returning a key-value through the URL in the secure area. I guess I'm just a noob to the syntax but I've been trying to teach myself via online articles and they're mostly about writing the webpages, not returning key-values from the DB through the URL. Anyhow here is the most recent thing I've tried.

secure-area.php?sql_query(username = 'Drake' & password=@password)

Any help at all would be appreciated.

~panda
Author

RE: Basic 8

starofale
Member



Posts: 218
Location: England
Joined: 05.12.07
Rank:
Moderate
Posted on 07-04-11 20:18
bluntrllnpanda wrote:
secure-area.php?sql_query(username = 'Drake' & password=@password)


That isn't how you send data with GET. See: http://www.htmlco. . .D_GET.html

Also, you need to send a valid SQL query.


Try a new search engine
Author

RE: Basic 8


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-04-11 05:09
so does sql_query = get?

and how close is secure-area.php?get Username = Drake
?
Author

RE: Basic 8

Arabian
Banned



Posts: 332
Location: inside you.
Joined: 22.09.10
Rank:
Apprentice
Posted on 08-04-11 08:53
bluntrllnpanda wrote:
so does sql_query = get?

and how close is secure-area.php?get Username = Drake
?


Close, but think in terms of literal SQL queries. Obviously your answer is going to be php?sql_query=XXXXXXX

think SELECT * FROM etc.


Use an actual query to solve the problem.


G'bye y'all! I was an asshole, So korg banned me.

Edited by Arabian on 08-04-11 08:57
Author

RE: Basic 8


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 08-04-11 12:00
Arabian wrote:
Obviously your answer is going to be php?sql_query=XXXXXXX

think SELECT * FROM etc.


Use an actual query to solve the problem.

Spoiler?


btw... quick question. Why won't it work with lower-case? I thought capitalization really didn't matter.
Author

RE: Basic 8

Mtutnid
Member


Posts: 102
Location: HELL
Joined: 22.09.10
Rank:
Newbie
Posted on 08-04-11 12:10
HacKid wrote:
Arabian wrote:
Obviously your answer is going to be php?sql_query=XXXXXXX

think SELECT * FROM etc.


Use an actual query to solve the problem.

Spoiler?


btw... quick question. Why won't it work with lower-case? I thought capitalization really didn't matter.


I think it is because this challenge is a simulation of an SQL injection and they didn't bother to test for upper and lower case.


Author

RE: Basic 8


Member


Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 10-04-11 06:12
Thank you guys so much!! I've spent so many hours on this thing and I just got it. I tried SQL queries using SELECT many times with no luck, just missed a crucial step. Thanks again!!
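
Added example, not part of the thread and not the challenge's own code: it shows how a server parses the GET forms discussed above, why a real SQL engine ignores keyword case while a literal string comparison (Mtutnid's guess about the simulation) does not, and how a page that runs client-supplied SQL compares with a parameterized lookup. The `accounts` table, its row, the query text and all function names are constructed for illustration.

```python
import sqlite3
from urllib.parse import parse_qs, urlencode, urlsplit

def get_params(url):
    """GET parameters as a server would parse them from the query string."""
    return parse_qs(urlsplit(url).query, keep_blank_values=True)

def make_db():
    # Constructed table and row; not the challenge's real schema.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE accounts (username TEXT, password TEXT)")
    db.execute("INSERT INTO accounts VALUES ('alice', 'constructed-pw')")
    return db

def run_client_sql(db, params):
    """Anti-pattern: run whatever SQL arrives in the sql_query parameter."""
    sql = params.get("sql_query", [None])[0]
    return None if sql is None else db.execute(sql).fetchall()

def literal_check(params, expected):
    """Hypothetical simulated check: plain string comparison, so case matters."""
    return params.get("sql_query", [""])[0] == expected

def lookup_user(db, params):
    """Hardened form: the client sends only a value, bound as a parameter."""
    name = params.get("username", [""])[0]
    return db.execute(
        "SELECT username FROM accounts WHERE username = ?", (name,)
    ).fetchall()

QUERY = "SELECT username FROM accounts"  # constructed query text
# The form tried in the first post: no key=value pair named sql_query.
BAD_URL = "secure-area.php?sql_query(username = 'Drake' & password=@password)"
# key=value with the value URL-encoded, in upper- and lower-case.
GOOD_URL = "secure-area.php?" + urlencode({"sql_query": QUERY})
LOWER_URL = "secure-area.php?" + urlencode({"sql_query": QUERY.lower()})

if __name__ == "__main__":
    db = make_db()
    print(sorted(get_params(BAD_URL)))                    # no 'sql_query' key
    print(GOOD_URL)
    print(run_client_sql(db, get_params(GOOD_URL)))       # engine runs it
    print(run_client_sql(db, get_params(LOWER_URL)))      # same rows
    print(literal_check(get_params(LOWER_URL), QUERY))    # string compare fails
    print(lookup_user(db, get_params("secure-area.php?username=alice%27+OR+1%3D1--")))
```

With the parameterized lookup, the quote and `OR 1=1` arrive as part of the username value and match no row.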