Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.
Sql injection, localhost users only
Let's say I managed to exploit an sql injection in a server ( i am just testing, nothing illegal ). Well, what I get is user password host someacc, somepass, localhost or some other server, but NOT %, global access. (I am always talking for mysql.users table and of course only union is available, ; char is filter automatically ) Is there a way to actually use this information? If there is what kind of technique/attack do I use?
BTW if you re facing some language/collation prob etc instead of using select null,password COLLATE utf8_bin from table or whatever in your statement, use select null,unhex(hex(password)) from table That thing (it works in my tests) took me sometime, I hope you'll find it useful :D