Basic 8

I'm a noob at SQL. But here is what i have:

=S * M family_db W secure-area.php=$_G['something']

Is this the right way?

Pm me plz I'm going crazy..

Sorry my english from sweden you know!:)

this is nowhere near how i completed the challenge lol and it would be

SELECT * FROM family_db WHERE_______________________ etc

look into source code, when you get error message. you'll find something important. btw., you don't need "where" clause.

k.. I will look source code but idon't think it's going to help me mutch..

=SELECT * FROM family_db WHERE password=$ Get['something']

plz a hint what am i missing or doing wrong!

RaFio wrote: k.. I will look source code but idon't think it's going to help me mutch..

=SELECT * FROM family_db WHERE password=$ Get['something']

plz a hint what am i missing or doing wrong!

Err… where did you get the "=SELECT * FROM family_db WHERE password=$ Get['something']" bit from." That is just an example of vulnerable PHP code

Yeah, it´s rather simple. Just try some simple selects for the Password. :D

there are some pretty massive spoilers in here methinks….probably should be ***ed out a bit

RaFio wrote: k.. I will look source code but idon't think it's going to help me mutch..

=SELECT * FROM family_db WHERE password=$ Get['something']

plz a hint what am i missing or doing wrong!

be careful. something important it's in a comment. look at a URL: http://any_domain/index.php?print=hello_world and try to understand it.

Ok i realy don't know what to do.. This is what i got so far

?s**_qy F* f***y_d

is it near or am i so dum i need stop hacking?

RaFio wrote: Ok i realy don't know what to do.. This is what i got so far

?s**_qy F* f***y_d

is it near or am i so dum i need stop hacking? well, you are on the right way. you know already what means s**_qy. try this: ?s_q**y=S****T … p.s.: hacking is about learnig not about rank points. don't stop brushing your hacking skills and learn other people. ;)

I got it!:p