Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

basic 21, my sql code should extract the password


ghost's Avatar
0 0

I can extract the username, so it is printed out in an error message. When I replace the name of the username column, with the name of the password column, it doesnt error. Which it should have, just like when the username got printed out.

Got any hints for me? :)


ghost's Avatar
0 0

the script you used to find the username is similar but not the same as the one you need for the password. Examine the whitepaper closely because if you found the username then your not too far off from the password.

Good luck

p.s. it's not too hard so don't look into it too much


8289104's Avatar
Member
0 0

i met this problem too, can anyone help?


Huitzilopochtli's Avatar
....
10 9

Read the pdf again, everything you need to complete this one is in there.


sangantnk8's Avatar
Member
0 0

i'm stuck on this chall. i tried to use all sql injection i know and read this paper. so i can't create a error "convert". anyone who give me any hint or any document about it. PS:/ i searched google about Error Based SQL Injection!!! (Stuck!!!!)


MrCyph3r's Avatar
npm ERR!
0 0

The link posted by rex_mundi contains everything you need to solve this challenge. look a few posts above yours thumbs up


Huitzilopochtli's Avatar
....
10 9

Top Tip: If you're copying and pasting it direct from the pdf, and you don't get the error message it tells you in the whitepaper, it doesn't mean the injection is wrong, or has suddenly stopped working, it means you need to learn how to copy and paste better.

True story bro. thumbs up


Huitzilopochtli's Avatar
....
10 9

There's nothing wrong with the pdf file, the site just has certificate issues so it's hardly an instant death sentence if you visit it, or download the pdf.

Since it's not the only copy on the entire internet, Googling the link or the pdf name, would have taken you straight here: https://crypto.stanford.edu/cs155/papers/sql_injection.pdf