do u need to use the UNION or UNION ALL command for this challenge?
Author
RE: basice web 8
Member
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 01-09-06 09:54
don't know where you got those arguments from, but a simpler way to do this (and almost all SQL injections) is to type in arbitrary code, then look at the error message.
Look thoroughly at the error you get, and think of how you can use that, or modify it to your advantage. ie: to access something you're not supposed to. Ciao!
Author
RE: basice web 8
Member
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 01-09-06 10:55
here are some things i tried:
[edited...]
am i close or anything?
Edited by on 01-09-06 23:58
Author
RE: basice web 8
Member
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 01-09-06 14:50
carrico wrote:
?SELECT * FROM family_db
That is the query needed, but you need to find the variable name to put that query in.
Author
RE: basice web 8
Member
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 01-09-06 15:11
please edit this posts
dont be so clear and dont write solutions
Author
RE: basice web 8
Member
Posts: Location: Joined: 01.01.70 Rank: Guest
Posted on 02-09-06 00:01
?SELECT * FROM family_db
That is the query needed, but you need to find the variable name to put that query in.