p4p1 [lexostras]
9 years ago | edited 9 years ago

0

Ok so I have been on this level for about a week and I am lost… So I am gonna list what I learned and what I did:

**What I read/watched:**

- So I read at the start about SQLi on Wikipedia and OWASP.
- Then I read [this](https://www.hackthis.co.uk/articles/about-sql-injections-with-ms-sql-server)
- Then I watched a YouTube video with some guy talking about SQLi
- After doing all this I went on and looked at a Kali Linux thing to find out tables

**What I did:**

- Right after the level SQLi 1 I tried doing this in the login form: `x'1=1 or ‘a’=‘a */`
- After that fail I understood that you need to use the Browse member thing.
- So I went in and I was stuck there not knowing what to do.
- And with a spark of light I screamed EUREKA (stupid reference) and put a `'` in the URL and got an error:
  `DEBUG: SELECT username, admin FROM members WHERE username LIKE 'u'%'`
- Then I tried to do stuff like `order by 1--` in the URL but it was failing over and over.
- I do understand the fact that if there is not a thing on the screen, it means that the app has crashed, but each time I change something in my order by statement it just does not want to work (even with letters)

please help :(

Mugi [Mugiwara27]
9 years ago

2

Here you have to find several pieces of information that'll help you to get into the good SQL query.
And first of all, you need to understand what you are looking for:

> Gain access to an administrators account

You'll need to use that information too in your query to find the administrators account.
Also, that article could help you: https://www.owasp.org/index.php/SQL_Injection

p4p1 [lexostras]
8 years ago

0

@Mugiwara27 thanks for answering and sorry for the delay, I understand that you need the administrator's account but I really don't understand how to get his username and password using the browse member thing like I said in my original post :(

Mugi [Mugiwara27]
8 years ago

1

So you don't understand what a SQL injection is, learn, learn and learn

p4p1 [lexostras]
8 years ago

0

@Mugiwara27 Well I think I know how SQLi works,

after reading a lot and learning stuff I understand that SQL is some sort of coding language that interacts in a dynamic way with the server. So to "hack" it you use the dynamic part of it and add stuff like quotes to make it error and inject stuff inside that string so that when the server receives it, it will execute what you added in the injection.

I am sorry if it is a spoiler :(
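The dynamic-query behaviour described in the post above, and the `DEBUG: ... LIKE 'u'%'` line earlier in the thread, as an added example that is not part of the original thread or the challenge site: a member search that pastes input straight into the SQL text, beside the parameterised form that treats the same input as data. The in-memory `members` table, its rows and the function names are constructed assumptions, not the challenge's real schema.

```python
import sqlite3


def setup_db():
    # Constructed sample data (assumption): a tiny members table like the
    # one the DEBUG line in the thread selects from.
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE members (username TEXT, admin INTEGER)")
    conn.executemany("INSERT INTO members VALUES (?, ?)",
                     [("ulysses", 0), ("uma", 0), ("bob", 1)])
    return conn


def browse_members_vulnerable(conn, prefix):
    # Same shape as the DEBUG line: user input is concatenated into the SQL
    # text, so a quote in the input becomes part of the query's syntax.
    sql = (f"SELECT username, admin FROM members "
           f"WHERE username LIKE '{prefix}%' ORDER BY username")
    return [row[0] for row in conn.execute(sql)]


def browse_members_safe(conn, prefix):
    # Parameterised: the prefix travels as a bound value, never as SQL text.
    # LIKE wildcards typed by the user are escaped so they match literally.
    escaped = (prefix.replace("\\", "\\\\")
                     .replace("%", "\\%")
                     .replace("_", "\\_"))
    sql = ("SELECT username, admin FROM members "
           "WHERE username LIKE ? ESCAPE '\\' ORDER BY username")
    return [row[0] for row in conn.execute(sql, (escaped + "%",))]


def probe(conn, prefix):
    # Report ('ok', rows) or ('error', message) for the vulnerable path, so
    # the single-quote syntax failure the thread describes is observable.
    try:
        return ("ok", browse_members_vulnerable(conn, prefix))
    except sqlite3.OperationalError as exc:
        return ("error", str(exc))


if __name__ == "__main__":
    db = setup_db()
    print(probe(db, "u"))                 # ('ok', ['ulysses', 'uma'])
    print(probe(db, "u'"))                # ('error', ...) -> LIKE 'u'%' fails to parse
    print(browse_members_safe(db, "u'"))  # [] -> the quote is just data
```

The error on `u'` is exactly the DEBUG failure from the thread; the parameterised version never reaches the parser with user-controlled syntax, which is the fix an application owner should apply.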

Mugi [Mugiwara27]
8 years ago

1

It's not a spoiler, just a good explanation of SQL injection.
So you know how to do it and you have to inject :)
Look at what I linked too, it's helpful

p4p1 [lexostras]
8 years ago

0

Ok thanks @Mugiwara27, this level is a real challenge for me. I'll read again what you sent me tomorrow when I'll be more awake ^^

kaleka
8 years ago

1

If you are stuck on this level, put it aside for a couple of days and then come back… This method worked for me :)
