Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Realistic 9 SQL

  1. Home
  2. Forum
  3. Realistic
  4. Realistic 9 SQL

C_K_A01's Avatar

C_K_A01

Member
0 0

Hey guys,

normally I complete those in a few minutes but at the admin bypass in this challenge I think I'm stuck. I tried nearly all possible SQLI - Methods -> with numbers, without numbers, with chars etc. Every time the page only refreshes or a Message : "You are on the right track but stick to the mission." is shown. I tried somethng like '** '='


C_K_A01's Avatar

C_K_A01

Member
0 0

I tried a lot of different ways. Is there a way to come logical to the solution of this part? If someone can give me a little hint (but not : try '** = …..) it would be great.


C_K_A01's Avatar

C_K_A01

Member
0 0

I tried a lot of different ways. Is there a way to come logical to the solution of this part? If someone can give me a little hint (but not : try '** = …..) it would be great.


Huitzilopochtli's Avatar

Huitzilopochtli

....
10 9

Your injection needs to go in both fields of the login form. Dont use numbers. (and yes : try '** =–)