ajkaro Posted October 17, 2013 Report Share Posted October 17, 2013 (edited) If you don't want to have problems displaying result from your injection in some column because of wrong data type, then we must know table definition. That is main part in this challenge and purpose of this (challenge) exercise...Target: h~~p://wond[RST]erlandthe[RST]mepark.com/wat[RST]erpark.php?wid=5replace all ~ and remove all [RST]Tasks:display numbered list of all tables in primary database (each table name should be display only once - see proof picture) display numbered list of all column names in every table (use different color as for table names) for each column display type of column (date, time, integer, decimal, char, varchar, text...) for column accepting integers display precision and scale (in separated columns) and mark them with label (precision) for column accepting characters/integers display maximum allowed length for input, mark such columns with (length) and put / in column scale (as it doesn't exists for that type of data) divide each table with horizontal line put header above table definition output with column titles Proof:Rules:use union select based SQLi post picture as proof and send me your syntax to PM HTML elements <table> <tr> <td> for building table with columns are not allowed Solvers:- Renegade (by PM) Edited October 20, 2013 by ajkaro Quote Link to comment Share on other sites More sharing options...
Net_Spy Posted October 19, 2013 Report Share Posted October 19, 2013 Im not going to solve it further but it was a tricky one too thankz for it . chk ur pm broRegardsNet_Spy Quote Link to comment Share on other sites More sharing options...
ajkaro Posted October 19, 2013 Author Report Share Posted October 19, 2013 Im not going to solve it further but it was a tricky one too thankz for it . chk ur pm broRegardsNet_SpyYour command to display version doesn't work for me. I sent you mine. Quote Link to comment Share on other sites More sharing options...
