ajkaro Posted July 12, 2013 (edited)

When we inject we usually want to know all table names, we want to know if there are tables with many records, and if you are searching for passwords you want to know column names for tables with password, so in next step you can compose a SQLi command to get data from columns needed for login (like columns username & password). All that is your task in this challenge. If you know how, also add some numbering cosmetics.

Target: hXXp://wXw.fotodi.ru/vyst.php?id=100

Task:
- display all tables (except those from information_schema)
- display numbering of all tables (all numbers should have same length of 3 numbers (001, 002, ... 011... 099, 100...))
- mark all tables with more than 1000 records with some label (like over 1000 records)
- display count and all column names at tables with password column (search for character combination pas)
- display numbering of all column names in each table with password column

Proof:

Rules:
- your command should work without knowing anything about database on that site (no previous SQLi injection for checking table or column names are allowed/needed)
- result (see proof picture) is made by one SQLi command
- use union select based SQLi
- post picture as proof
- send me your command to PM
- colors and lines in output are not required

Solvers:
- Bitmap

Edited September 10, 2013 by ajkaro

2time Posted July 12, 2013

In the end I want to see the solve if possible, thx.

ajkaro Posted July 12, 2013 Author (edited)

Put label 1000 records ONLY with tables where there are more than 1000 records. And not at every table... Compare your picture with my picture.

Edited July 12, 2013 by ajkaro
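
Seen from the defending side, the union select enumeration of information_schema that this challenge asks for leaves a recognizable trace in web server logs. The following is an added example, not part of the original thread: a Python detector run over constructed access-log lines (the /item.php and /search.php paths, the IP addresses and the payload fragments are made up for illustration).

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Constructed access-log lines; hosts, paths and payload fragments are made up.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Jul/2013:10:01:02 +0000] "GET /item.php?id=100 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [12/Jul/2013:10:01:09 +0000] "GET /item.php?id=-1+UNION+SELECT+1,table_name+FROM+information_schema.tables HTTP/1.1" 200 9312',
    '203.0.113.9 - - [12/Jul/2013:10:01:15 +0000] "GET /item.php?id=-1%2F**%2FuNiOn%2F**%2FsElEcT%2F**%2Fcolumn_name%2F**%2Ffrom%2F**%2Finformation_schema.columns HTTP/1.1" 200 20480',
    '198.51.100.4 - - [12/Jul/2013:10:02:00 +0000] "GET /search.php?q=student+union+select+committee HTTP/1.1" 200 2048',
]

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
COMMENT_RE = re.compile(r'/\*.*?\*/', re.S)
UNION_RE = re.compile(r'\bunion\b(\s+all)?\s+select\b')
SCHEMA_RE = re.compile(r'\binformation_schema\s*\.\s*(tables|columns)\b')

def normalize(value):
    """Undo common obfuscation: double URL-encoding, inline comments, case, spacing."""
    value = unquote_plus(value)         # parse_qsl decoded once; catch a second layer
    value = COMMENT_RE.sub(' ', value)  # /**/ used in place of spaces
    return re.sub(r'\s+', ' ', value).lower()

def classify(value):
    """Return a verdict string for one parameter value, or None if it looks clean."""
    v = normalize(value)
    schema = SCHEMA_RE.search(v)
    if UNION_RE.search(v) and schema:
        return 'schema-enumeration:' + schema.group(1)  # high confidence
    if UNION_RE.search(v):
        return 'union-select'                           # low confidence on its own
    return None

def scan(lines):
    """Yield (client, parameter, verdict) for every suspicious query parameter."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        for param, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
            verdict = classify(value)
            if verdict:
                findings.append((client, param, verdict))
    return findings

if __name__ == '__main__':
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The plain union-select verdict also fires on the harmless search query in the last sample line, so only the schema-enumeration verdicts should be treated as high confidence.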