
Basic 8...


ghost

$s**q****=S***** * F*** f******* W**** username='Drake' password=$form Is that right so far? Should I remove more? I am really lost.


ghost

That technically would be correct, but you can make it so much easier if you didn't have to be so specific in the query ;)


ghost

You just have too much on the query.


ghost

Just $s**q****=S***** * F*** f*****? And how can I inject that, add it past index.php, so like index.php$sq****=S***** * F*** f*******


ghost

try another page


ghost

SniperSA wrote: Just $s**q****=S***** * F*** f*****? And how can I inject that, add it past index.php, so like index.php$sq****=S***** * F*** f*******

By now you should know the source is very valuable, take a look around. P.S. I reckon you could make it even simpler, check out some common queries.

// EDIT // http://www.w3schools.com/sql/default.asp


ghost

?s**q****=S****%20*%20F***%20f******* in front of another site worked. If that was too many spoilers, I will remove it, but that is a big hint.


ghost

SniperSA wrote: ?s**q****=S****%20*%20F***%20f******* in front of another site worked. If that was too many spoilers, I will remove it, but that is a big hint.

You're on the track. [possible spoiler]But I believe something else goes after ?s**_q**** aka, you can even get simpler.[/possible spoiler]


ghost

OK… try a different page other than the index page… and yes, on other sites it will work… but with this challenge it wants a very very very simple injection…


ghost

Can someone please let me pm them or contact them, this challenge is making me go insane…! :-(


ghost

Me as well. I do not understand SQL injections.


ghost

First try something random to log in. Then, look at the query. Also, there's a hint in the source. The things that people posted with * in them are NOT the actual injection. Just try the fake login and try some stuff.

Fc1x

(first post)


ghost

It would be index.php?sqlblahblah, not with a "$", ya know, just in case that's what you're trying…


ghost

I put in something along the lines of this:

http://www.hellboundhackers.org/.../.../$sql_q*****=SEL*** * FR*M fam… (you figure out the rest, hint: it's very general, try looking only in the database, don't use the WHERE query at all.)

Just be sure not to put in any spaces. Unless there's one above, then put one in.