Uh oh. Looks like your using an ad blocker.
Our site is support by ads that help to pay our hosting costs. Please disable or whitelist us within your ad blocker to help us keep the site online.
All money generate by ads and donations is used to pay the hosting costs of the site, for more information about our income and expenses please see our donation page.
Hello! I'm not too bad with SQL, but this has me stumped. It seems like it's looking for a specific SQL query because the error message in the "you failed" page says "Wrong SQL query"
I've tried a few queries, with the one that makes most sense to me being:
' OR S***** D****** * F**** db W**** uname='(guy's name)
I don't know how do spoilers properly, so I've starred some stuff out and changed the last bit. Hopefully someone who's fluent in SQL will know what I mean!
Am I on the right track? It seems to me I need to pull out Drake's password from the database.
It seems like it's looking for a specific SQL query because the error message in the "you failed" page says "Wrong SQL query" That's because it IS looking for a single specific query, maybe you should check the source code as there might be something in there that can help you with where the injection point in this challenge actually is.
It seems to me I need to pull out Drake's password from the database. You don't need to pull anything out man, the challenge gives you everything you'll need to pass it. you just need to put it together, in the correct place.