Friday, April 25, 2014
Basic 8 Help
Posted on 05-10-05 23:55
I am confused about how to inject my SQL into the address bar. I have attempted using index.php?password= and then my SQL code, and then clicking log in and checking the source code, but this doesn't work. Could someone point me in the right direction?

RE: Basic 8 Help
Posted on 06-10-05 00:01
Well, for one, you're injecting it in the wrong place and for two, it's not password=, don't just guess that, try looking in the source for some "good" info.


RE: Basic 8 Help
Posted on 06-10-05 01:02
Try looking for a commented out part. And remember, keep the SQL very simple.


RE: Possible Spoiler, DO NOT READ IF YOU HAVEN'T PASSED THIS LEVEL
Posted on 06-10-05 07:49
OK, I know now that I need to use the comment part of the source code that I found so that it reads index.php?sql_*****= instead of what I was using initially (index.php?password=), but it is still not working. The SQL code I am using is REMOVED BECAUSE OF SPOILER. I am, however, still confused as to where to inject the code. I believe I need to inject it into the address bar, but this does not seem to be working.

I have also tried making my sql code more broad by using * in more places, leaving the WHERE field out and a few other things but this also did not work. Any tips to get me going from here would be appreciated.

Edited by on 07-10-05 18:03

RE: Basic 8 Help
Posted on 06-10-05 15:37
index.php - you sure about that?


RE: Basic 8 Help
Posted on 06-10-05 19:14
Paintballa, remove the spoiler and use a more generalized SQL statement.

RE: Basic 8 Help
Posted on 06-10-05 22:19
Anything more general than SELECT * FROM [removed: displayed the answer] ???????




Edited by Mr_Cheese on 07-10-05 14:51

RE: Basic 8 Help
Posted on 07-10-05 00:46
Maybe, Xyng, you might want to remove that part *cough*hint*cough*


RE: Basic 8 Help
Posted on 07-10-05 13:14
Why remove it? It isn't right. This whole challenge isn't right...


RE: Basic 8 Help
Posted on 07-10-05 14:28
Yeah it is, you're probably just injecting it into the wrong place on the challenge.


RE: Basic 8 Help
Posted on 07-10-05 16:13
I think he's referring to the fact you cannot use the wildcard * for the FROM command in real injections. At least that's what I thought...

RE: Basic 8 Help
Posted on 07-10-05 18:06
nights_shadow wrote:
Yeah it is, you're probably just injecting it into the wrong place on the challenge.


You can do the injection in 2 places here and it doesn't work, or is it a guessing-file thing again?


RE: Basic 8 Help
Posted on 07-10-05 18:11
I think my problem is that I'm just typing the injection in without "escaping" it first so that the SQL will execute. I have tried various ways of doing this, but it doesn't seem to work either...

RE: Basic 8 Help
Posted on 07-10-05 22:53
Xyng - Send me a p.m. about exactly what you're doing and I'll help you out with it. I'm sure there must be something simple you're missing.


RE: Basic 8 Help
Posted on 05-11-05 15:22
This is the code I'm using, but it doesn't work. Any help? secure-area.php?action=SELECT*FROMPersonsWHEREFirstName='Drake'


RE: Basic 8 Help
Posted on 15-04-06 17:26
Neoquesty wrote:
This is the code I'm using, but it doesn't work. Any help? secure-area.php?action=SELECT*FROMPersonsWHEREFirstName='Drake'



Well, the main idea is the following:

-- First of all: what makes you think 'action' can be a $_GET variable from the second PHP file ???
-- Second of all: think, dude, open a MySQL session and try to type that down ... how many errors would you get ??? - the MySQL 'command', if I may say that, must actually work ....
-- What makes you think 'FirstName' is a MySQL row from the specified table !?!?!?
-- Anyhow, keep the syntax very clean - and "SHORT" - very short ........... (I'd include a condition - I'd really do it - but it seems here it's as short as possible)
-- Check out the original error query letters ... and remember: SELECT != select

cya
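
A defender-side view of the requests discussed in this thread, as an added example that is not part of the original posts or the site's code: a small access-log scan that URL-decodes each query parameter and flags values that look like a whole SELECT statement. The log lines are constructed, the names `find_sql_in_query_strings`, `REQUEST` and `SQL_SELECT` are hypothetical, and the pattern is a heuristic that matches keywords in either case and with collapsed whitespace.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (illustrative only, not from the site).
SAMPLE_LOG = [
    '10.0.0.5 - - [15/Apr/2006:17:26:01 +0000] "GET /secure-area.php?action=SELECT*FROMPersonsWHEREFirstName=\'Drake\' HTTP/1.1" 200 512',
    '10.0.0.5 - - [15/Apr/2006:17:26:09 +0000] "GET /page.php?q=select%20%2A%20from%20users HTTP/1.1" 200 498',
    '10.0.0.7 - - [15/Apr/2006:17:27:30 +0000] "GET /search.php?q=select+a+gift+from+our+shop HTTP/1.1" 200 2048',
    '10.0.0.8 - - [15/Apr/2006:17:28:02 +0000] "GET /index.php?page=2 HTTP/1.1" 200 1024',
]

# Client address and request target from a common-log-format line.
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# SELECT followed by "*" or a comma-separated column list, then FROM and a
# table name. Whitespace around "*" is optional so that a statement with its
# spaces stripped still matches; plain prose such as "select a gift from"
# does not, because its words are not a comma-separated list.
SQL_SELECT = re.compile(
    r"\bselect(?:\s*\*\s*|\s+[\w.]+(?:\s*,\s*[\w.]+)*\s+)from\s*\w+",
    re.IGNORECASE,
)

def find_sql_in_query_strings(log_lines):
    """Return (client, path, parameter, decoded value) for suspicious requests."""
    findings = []
    for line in log_lines:
        m = REQUEST.match(line)
        if not m:
            continue  # not a request line we understand
        client, target = m.groups()
        parts = urlsplit(target)
        # parse_qsl percent-decodes values and turns "+" into a space.
        for name, value in parse_qsl(parts.query, keep_blank_values=True):
            if SQL_SELECT.search(value):
                findings.append((client, parts.path, name, value))
    return findings

if __name__ == "__main__":
    for client, path, name, value in find_sql_in_query_strings(SAMPLE_LOG):
        print(f"{client} {path} param={name!r} value={value!r}")
```
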