SQLi test #2

Crassus · 01-02-2012, 09:08 AM

(01-02-2012 08:05 AM)batfink Wrote:

You must reply to see links
Looks quite nice, gonna give it ago....

edit: Done it, took about 10 minutes of trial and error.

Well done.

lolalu · (This post was last modified: 01-07-2012 06:12 PM by lolalu.)

(01-06-2012 06:24 PM)G#42 Wrote:

You must reply to see links
Good work batfink!!!

lolalu much luck?

i still havent tried :X
and we also ahve to gues table and column names?

***spot_1337*** · 01-08-2012, 07:50 AM

I will try to hack it later today, do we have permission to do this or do i need my vpn?

Crassus · 01-23-2012, 05:58 AM

(01-08-2012 12:12 PM)G#42 Wrote:

You must reply to see links
You should always use a proxy network such as tor or use a VPN if the challenge resides on a different domain other then this website, unless you had a signed agreement with an organization that can hold up in court.

The police will NOT trace you down and charge you just for injecting a random website. You've caused $0 damage and it would cost them thousands to get it to court just for a judge to say you're very naughty but you didn't really break any laws. Now use a proxy by all means, but you will not get into any serious trouble for simple injections like this.

zFerox · 01-26-2012, 06:19 AM

(01-24-2012 09:44 PM)G#42 Wrote:

You must reply to see links
I feel as if you are 100% correct on this but my question to you is, if it can be avoided, why take the risk of being caught or GREATLY increase your chances by not staying anonymous? I wouldn't risk it. Just my two cents friend

But for the record I don't encourage illegal activities... ... ...

Well if you aren't SQLi'ing into any .gov sites, no one will care, trust me, unless you SQLi then get passwords and THEN deface them somehow.. then they might, as that means you caused them damage ._.

chronicle333 · 02-03-2012, 05:26 AM

i really dont have any idea how to get the user's column and andy's link and the other users -__- i just read a basic SQLi tut for beginners and learn the basic after u found the admin panel and try to enter admin and some of the attack code, but i have no idea how to start with this test -___-

chronicle333 · 02-11-2012, 05:10 PM

need help, how would you know the vulnerable link for that?

bobjon · 05-01-2012, 06:39 AM

Going to learn how to SQLI and then attempt this Big Grin

***G0ld3n dr4g0n*** · (This post was last modified: 08-02-2012 12:57 PM by G0ld3n dr4g0n.)

Pm has been sent Wink

youcantseeme · 10-10-2012, 11:54 AM

I've just began to learn SQLi and thought I'd take up this challenge.

I managed to find a vulnerable part of the website.
I managed to find out how many columns the database has.
When I tried to union select all * number of the columns, it displayed a blank white page.

I'm stuck and confused ?_?

Thread Options
View a Printable Version Send this Thread to a Friend Subscribe to this thread