Follow us on Twitter!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Friday, May 06, 2016
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 19
Guests Online: 18
Members Online: 1

Registered Members: 93546
Newest Member: Gzilla25
Latest Articles
View Thread

HellBound Hackers | Challenges | Basic

Author

Ok this is just confusing to me (basic 8)


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-09-05 06:09
Ok I've tried like 12 different injections into every concieveable place you can inject. People on the forums say to make it broader but I don't think you can get much more broad than:

[removed - spoilers]

Or more broad:

SELECT * FROM * WHERE username='Drake'

Unless possibly this would work:

SELECT * FROM *

Or why not, let's try:

SELECT *

I found the error (and hence the table) and feel free to yell at me in case any of those are spoilers and the reason they don't work is because they just don't like me.

Edited by Mr_Cheese on 23-09-05 15:03
Author

RE: Ok this is just confusing to me (basic 8)


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-09-05 06:40
lol this is another UNREALISTIC challenge...


Author

RE: Ok this is just confusing to me (basic 8)


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-09-05 14:36
Well, you're just not injecting it into the right place. How about checking the source before or after any injection.


Author

RE: Ok this is just confusing to me (basic 8)


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-09-05 14:47
Still doesn't make sense. Yes I've looked at the source, and yes I've tried interjecting everywhere on the page with the exception of the HBH login form.

One moment.

Nope, didn't work.

Why don't any of the other injections work?
Author

RE: Ok this is just confusing to me (basic 8)


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 23-09-05 15:40
You have to use some logic when viewing the source of a certain page of this challenge. A hint, look at the url right now. Do you see the .php?something=? Think about that while looking at the source.