Think Very Carefully About What the SQL Commands are Doing

[King4Free]

I don't know if the last post is for me, but I complete this mission because I see the list of email...
But the site didn't redirect me to the 'Mission complete' page... There is something to do when we have the email list???

[tdizzogger]

got a problem i used the correct injection to view the number of tables in the db, but my browser wont load the jpgs im using the latest ver of firefox and i am running win vista any help u can give me would be apreciated

If you run the injection and receive broken images.....take a look at the source code of those images.

does the source present a doorway to new possibilities, or is it simply telling us that we messed up? I finally realized that there were GET-using pages staring me in the face...when I tried to sql-exploit them, I got a broken image. Not sure if this means "try, try again" or "use this to do something else" From what I've read throughout the forum, I just need to find the right command. I'm currently checking out a resource that tells me I need to use error messages to figure out table names, column names, etc. However, The only error messages I've managed to get are a broken image and the one just about everyone has gotten after messing with the email input box. I've seen posts about nulls to compensate for column number disparities, but I don't know how to find those disparities. I've been checking out http://www.securiteam.com/securityreviews/5DP0N1P76E.html...does anyone have a more relevant source of information on SQL injections? The last link isn't that great.

btw, @those trying to figure out what to do with the email list once they have it, I STRONGLY suggest that you read previous posts before filling the forum with near-identical questions...your laziness makes it harder for the rest of us to find information. "Thanks in advance"

[Defience]

If you get a page with a lot of broken images and no other information on that page, then check the source code.

To get the number of columns use the 'ORDER BY' command. You should get an error message when you exceed the number of columns that there are, however, I just retried it and once I passed the number of columns it just produced a broken image. If you use ORDER BY and the images are intact just keep bumping it up by one until you either get an error message or a single broken image. Once you figure out the number of columns you can get your syntax together and use nulls to fill the gaps.

[Magnus Prime]

All right, I have a problem.
I found out that the table was called e***l, but whenever I try the SQL Injection S***C* * FR** e***l, it either gives the same ERROR message (from the email box) or takes me to HTS saying the page doesn't exist! Please advise!
NOTE: I am a newbie, so I might not understand the more technical terms. I've completed all Basics and Realistics up till this one, except R1, which I can't seem to get. If you can, plz PM me on that one. THX!

[Defience]

Try reading the post directly above yours.

[Dexxra]

I already completed this, but I am really confused why my initial SQL statement did not work considering the one that did work is the *SAME* statement with extra statements that would make absolutely no difference...

Anyone mind letting me PM them and have them explain this?

[AngelicPain93]

Stuck badly, as i understand i need to use the union command to have the results of 2 tables yes? why 2 tables if i only need 1?
But

Notice that each SELECT statement within the UNION must have the same number of columns. The columns must also have similar data types. Also, the columns in each SELECT statement must be in the same order.

this is from w3schools

how do i find how many columns the tables have when all of my bad injections turn up with a broken image or '
aliens must have abducted this page' ;D
i tried Google but it doesn't give any situations from a hackers point of view. So far i got some ideas from my best friend Google, i understand that every database had few tables that must exist, these tables contain info about other tables yes?

[Defience]

To determine the number of columns use the 'ORDER BY' command, increment until it 'falls off'.

[AngelicPain93]

1 more little question: i know the table name but not how many columns it has so i have to use order by command BUT in order to use it i need to know the column names :S or have i missed something?

oh and as i i understood from previous posts i should get the page containing normal info plus my information gained by the sql injection yea? if yes for some reason i only get a broken image

[Defience]

You do not need the column names to use the 'order by' command, you are trying to determine how many columns there are. What would be the logical thing to use to to determine that? Then:

...increment until it 'falls off'.