Please ask questions ONLY in this topic.

FAP is company that slaughters animals and turns their skin into overpriced products which are then sold to rich bastards! Help animal rights activists increase political awareness by hacking their mailing list.

Re: Please ask questions ONLY in this topic.

Post by ant100 on Fri May 23, 2014 2:44 pm
([msg=80928]see Re: Please ask questions ONLY in this topic.[/msg])

I finally finished the challenge, but there was just one thing I feel I was missing. I knew a little about SQL, but I didn't know about the UNION ALL command. After reading about it, I used it properly and I got the emails. Problem was, I sort of guess the number of columns. It worked out, but I don't feel that was the point.

Reading the threads I discovered there was a way of finding out the number of columns with order by (hope this isn't a spoiler, it was posted before). But never understood how to do it, I googled it and everything but can't find the solution. I might be googling for the wrong keywords, since I can't find anything on my native language.

If maybe someone could explain me, or maybe point me to the correct article/information I would really really appreciate it. I'm not asking for the line of code that would make it work, but the explanation of how and why it works that way. If somebody feels like helping out an annoying noob, I'll be waiting. Thanks!
ant100
New User
New User
 
Posts: 8
Joined: Wed May 21, 2014 2:05 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Fri May 23, 2014 6:01 pm
([msg=80939]see Re: Please ask questions ONLY in this topic.[/msg])

Though mShred is more the SQL guy, I think I could explain that one. With a lot of SQL injection the idea is to generate errors. Clever use of the errors will make it possible to return the value of whatever variable you require, including the amount of columns. Normally the command is used to sort a query based on a certain column, as you already found out. Now if you try sorting based on a column that doesn't exist, an error will be returned. Using that knowledge you can determine the amounts of columns. You may PM me if you still don't understand or have any more questions not answered :)
Free your mind / Think clearly
User avatar
cyberdrain
Contributor
Contributor
 
Posts: 969
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by Jaggions on Sun Jun 01, 2014 3:54 pm
([msg=81141]see Re: Please ask questions ONLY in this topic.[/msg])

Hey guys, I'm a newbie here. I have completed all 11 basic missions and the first 3 realistic missions on my own in a few hours, but now I'm stuck on realistic mission 4. I have been thinking about the SQL code and trying for hours, and I've read all 43 pages of this thread, which was somewhat tiring. I still couldn't find the correct code, even if I have read all your hints and the webpages you linked in your posts.
Can you help me in some way please? I'm literally getting crazy! :cry:
Jaggions
New User
New User
 
Posts: 1
Joined: Sun Jun 01, 2014 3:45 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by 1lastBr3ath on Thu Sep 04, 2014 5:50 am
([msg=83193]see Re: Please ask questions ONLY in this topic.[/msg])

Greetings everyone :)
I just completed the mission, luckily, and I hope you'll too. A tip I would give to those, who haven't completed the mission, is "Don't over think", you'll only make it complex that way.
But, a question I had, as far as I know, when using UNION ALL, the number of columns, corresponding data type and their sequence must be same, right? Correct me if I'm wrong :)
So, does that mean both the table have same number of columns? [I read somewhere, here, the '****' contains only 1 column :roll: ]
The thing about '*', I think, is to, kind of, replace the column_name of that specified position.
I also found, some are asking why we need to use 'null', which I'm sure is to make no mistake in making similar data type while using UNION ALL. You may also use numbers instead, but it may not work in some cases.

A humble request, please correct me if I'm wrong anywhere or giving wrong information, and please clear my thoughts regarding above question.
an enthusiast, but impatient :(
1lastBr3ath
New User
New User
 
Posts: 6
Joined: Tue Aug 12, 2014 3:37 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Thu Sep 04, 2014 8:14 am
([msg=83201]see Re: Please ask questions ONLY in this topic.[/msg])

This is way too close to being a spoiler. There are commands to figure that out though, you don't need to guess any of it. Other than that, I think you nailed it.
Free your mind / Think clearly
User avatar
cyberdrain
Contributor
Contributor
 
Posts: 969
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by -Ninjex- on Thu Sep 04, 2014 8:25 am
([msg=83203]see Re: Please ask questions ONLY in this topic.[/msg])

1lastBr3ath wrote:I just completed the mission, luckily, and I hope you'll too.


It really gets under my skin when I see this. If you luckily passed the mission you didn't learn what you needed to. Go back over the knowledge and really learn what's going on, don't just be happy with a lucky pass of a mission (however you managed to do that)

Also to everyone else, I DO NOT HOPE YOU GET LUCKY. If you don't know the shit, you don't deserve to pass anyways.

1lastBr3ath wrote:The thing about '*', I think, is to,...

This even further proves my point...

1lastBr3ath wrote:But, a question I had, as far as I know, when using UNION ALL, the number of columns, corresponding data type and their sequence must be same, right? Correct me if I'm wrong :)


Firstly, UNION is used to combine two statements
ALL is used to compare a value to a list or subquery
Now I'll let you also luckily guess how we generated the subquery
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1303
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Thu Sep 04, 2014 9:00 am
([msg=83214]see Re: Please ask questions ONLY in this topic.[/msg])

Ninjex, he doesn't say he got lucky, 'luckily' could be interpreted as him being happy he was fortunate to figure it out. It's a language/culture thing. If it shouldn't be interpreted like that, then I would agree with you.
Free your mind / Think clearly
User avatar
cyberdrain
Contributor
Contributor
 
Posts: 969
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by -Ninjex- on Thu Sep 04, 2014 9:09 am
([msg=83217]see Re: Please ask questions ONLY in this topic.[/msg])

cyberdrain wrote:Ninjex, he doesn't say he got lucky, 'luckily' could be interpreted as him being happy he was fortunate to figure it out. It's a language/culture thing. If it shouldn't be interpreted like that, then I would agree with you.


I quoted him on two occasions, and I really feel as if he didn't properly learn what he needed.
Just from reading his post, I can almost undoubtedly assure you that he was barely capable of passing this challenge (if he even did so legitimately)

and then there is also this:
"I also found, some are asking why we need to use 'null', which I'm sure is to make no mistake in making similar data type while using UNION ALL."
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.
User avatar
-Ninjex-
Addict
Addict
 
Posts: 1303
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by 1lastBr3ath on Thu Sep 04, 2014 12:50 pm
([msg=83244]see Re: Please ask questions ONLY in this topic.[/msg])

Okay, you can say that.
That's why I posted my questions here so that I can clear my thoughts, a process of learning, isn't it? If I knew how it worked and why, I wouldn't have posted anything at all.
I've clearly written what I think and requested to correct if wrong. So, I think you should rather correct me, you know. If the questions I had asked has been answered earlier, I'm sure the thread wouldn't have gone 43 page.
Anyway, you can at least provide some reference where it's clearly explained. Hope you don't mind.
an enthusiast, but impatient :(
1lastBr3ath
New User
New User
 
Posts: 6
Joined: Tue Aug 12, 2014 3:37 am
Blog: View Blog (0)


Re: Please ask questions ONLY in this topic.

Post by cyberdrain on Thu Sep 04, 2014 1:13 pm
([msg=83249]see Re: Please ask questions ONLY in this topic.[/msg])

1lastBr3ath wrote:Anyway, you can at least provide some reference where it's clearly explained. Hope you don't mind.

That's not that hard, just Google SQL injection and find more information about it. That or try to use SQL yourself, there's some courses over at W3Schools.
Free your mind / Think clearly
User avatar
cyberdrain
Contributor
Contributor
 
Posts: 969
Joined: Sun Nov 27, 2011 1:58 pm
Blog: View Blog (0)


PreviousNext

Return to (Real 4) Fischer's Animal Products

Who is online

Users browsing this forum: No registered users and 0 guests