Welcome to HBH! If you had an account on hellboundhacker.org you will need to reset your password using the Lost Password system before you will be able to login.

mission 7

  1. Home
  2. Forum
  3. Realistic
  4. mission 7

Mr_Cheese's Avatar

Mr_Cheese

0 1

this is as far as i have gotten:

got the admin details (but have to use that last)

attempted SQL injection on access.php, But im guessing this is the right track, but im getting syntax errors:

You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'SELECT * FROM XXXXX WHERE id=1' at line 1

any ideas???


ghost's Avatar

ghost

0 0

yeah, i've been trying to guess a password. What i've seen with the teachers is that Ms. Jennifer Smith has an id of 20 and Ms. Yoshi James has an id of 1, yet there are only 16 teachers in the list. I've managed to find one that isn't a real id so far, and that's id=6. It's probably nothing, but you never know….

I was also able to generate the error you got Mr_Cheese, from the teacherinfo.php url.


ghost's Avatar

ghost

0 0

I can, I only don't get the table name