 listito's score, :/ |
  |
 Jun 8 2007, 05:30 AM
Post
#1
|
|
|
Newbie  Group: Members Posts: 3 Joined: 8-June 07 Member No.: 179  |
I need some help, I do my best but I didn't find the damn e-mail
I can see all the usernames and scores, but I can't return any email from DB please help me, thanks |
 |
 
|
|
Sep 8 2007, 01:44 PM
Post
#2
|
|
|
Member Group: Root Admin Posts: 24 Joined: 15-October 06 Member No.: 6 |
QUOTE (4ngr4r0x @ Jun 8 2007, 05:30 AM)  I need some help, I do my best but I didn't find the damn e-mail I can see all the usernames and scores, but I can't return any email from DB please help me, thanks Find the right field and forge the right sql injection |
|
|
|
 Dec 18 2007, 05:38 PM
Post
#3
|
|
|
Newbie Group: Members Posts: 5 Joined: 17-December 07 Member No.: 270 |
QUOTE (totoiste @ Sep 8 2007, 05:44 AM) Find the right field and forge the right sql injection So basically it's a matter of using the right SQL injection in the challengers name input field right? I've been inputing code that brings up username/password combos. But that isn't it. Would I be out of line to say you gotta use more than one injection? |
|
|
|
| Guest_asdasd_* |
 May 13 2008, 12:56 PM
Post
#4
|
|
Guests |
WOOHOO... I did it...
QUOTE (Thor @ Dec 18 2007, 05:38 PM) So basically it's a matter of using the right SQL injection in the challengers name input field right? I've been inputing code that brings up username/password combos. But that isn't it. Would I be out of line to say you gotta use more than one injection? Hey Man! Learn SQL basics... its useful stuff... most importantly: how to build a select query, syntax, LIKE, RLIKE (regular expressions), AS, UNION, LIMIT, WHERE, where to put ', " and ` symbols so it doesnt make an error, etc etc... good luck man... |
|
|
|
| Guest_Chris Charles_* |
May 20 2008, 02:27 PM
Post
#5
|
|
Guests |
THank you so much for the help. ~.^
|
|
|
|
|
Apr 6 2009, 11:42 AM
Post
#6
|
|
|
Newbie Group: Members Posts: 3 Joined: 6-April 09 Member No.: 807 |
EDIT: This was totally wrong
 read my next reply please |
|
|
|
|
Aug 11 2009, 10:18 AM
Post
#7
|
|
|
Newbie Group: Members Posts: 3 Joined: 6-April 09 Member No.: 807 |
Okay I've found a way to inject sql, but I get this error:
**Deleted by Thireus** I don't know how to bypass this can I PM someone my query? Or maybe someone can give me a lil hint how I could avoid the denied SELECT? This post has been edited by Thireus: Aug 13 2009, 03:03 PM
Reason for edit: Please do not post the solution xD
|
|
|
|
|
Aug 13 2009, 03:04 PM
Post
#8
|
|
 Advanced Member Group: Root Admin Posts: 172 Joined: 14-October 06 Member No.: 1 |
QUOTE (Kruptein @ Aug 11 2009, 10:18 AM) Okay I've found a way to inject sql, but I get this error: **Deleted by Thireus** I don't know how to bypass this can I PM someone my query? Or maybe someone can give me a lil hint how I could avoid the denied SELECT? You can send what you found to totoiste. PM him on the site  What you found is the solution for another challenge 
-------------------- Thanks, Thireus.
 |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 26th May 2013 - 07:10 AM |