Think Very Carefully About What the SQL Commands are Doing

[nightsider]

got a problem i used the correct injection to view the number of tables in the db, but my browser wont load the jpgs im using the latest ver of firefox and i am running win vista any help u can give me would be apreciated

[Defience]

got a problem i used the correct injection to view the number of tables in the db, but my browser wont load the jpgs im using the latest ver of firefox and i am running win vista any help u can give me would be apreciated

If you run the injection and receive broken images.....take a look at the source code of those images.

[jovialOne]

WHY WHY WHY!!!! I'm going crazy asking myself this question... WHY! I finally gave up and checked out a tutorial about how it's done. I was using all of the proper syntax except the NULL..... well a few of them. I am a SQL noob and I'm really enjoying learning this stuff but I don't learn unless I know WHY it's doing it... the LOGIC behind it. How does one find out how many fields to put in NULLs??? I am so at a loss. Even the youtubers who gave the tutorial were script kiddies, they didn't explain WHY, they probably didn't know why, someone showed them I'm sure.

Please one of you veteran SQL injectors help me understand the logic behind this, I humbly ask for some knowledge oh wise ones. I was at it for 4 days learning EVERYTHING about SQL, but I just kept getting errors with all my syntax. I guess because I wasn't including the NULL's. Is it because both sides have to be even? I assumed 4 fields to the original query. Category, Picture on file, description, price???? I don't know it's a wild guess please HELP!

jovialOne

PS My goal isn't to "beat" the missions, it's to learn...

[relictus]

WHY WHY WHY!!!! I'm going crazy asking myself this question... WHY! I finally gave up and checked out a tutorial about how it's done. I was using all of the proper syntax except the NULL..... well a few of them. I am a SQL noob and I'm really enjoying learning this stuff but I don't learn unless I know WHY it's doing it... the LOGIC behind it. How does one find out how many fields to put in NULLs??? I am so at a loss. Even the youtubers who gave the tutorial were script kiddies, they didn't explain WHY, they probably didn't know why, someone showed them I'm sure.

Please one of you veteran SQL injectors help me understand the logic behind this, I humbly ask for some knowledge oh wise ones. I was at it for 4 days learning EVERYTHING about SQL, but I just kept getting errors with all my syntax. I guess because I wasn't including the NULL's. Is it because both sides have to be even? I assumed 4 fields to the original query. Category, Picture on file, description, price???? I don't know it's a wild guess please HELP!

jovialOne

PS My goal isn't to "beat" the missions, it's to learn...

The UNION command basically merges the result of two SELECT queries; in order to do that, the number of colums of the two tables you are selecting from as to be equal; in this case the number of colums of the "product" table is 4 and the number of columns of the "email" table is 1, so we need three more NULLs (I guessed that the email table had only one column and figured out the number of columns of the product table using the "ORDER BY" trick)

[katrondeso]

SQL INJECTION WAS VERY MODErate,
BUT IT's nEDDED iN THis MiSsIoN.
i just think about why are people using this forum was very few?
maybe they're to genius so they don't have to use this forum... or they are tricky...
i don't know exactly...
BUT, the best and the most fair way to get some help with the mission in HTS is from its own forum NOT from UNKNOWN resource <ACCORDING TO ME>..... Thx..

[hiddenmin]

i try
[something]

it is ok

but when i try
[something else]

i got a blank data


whats wrong
????



sory of my english

[xyberz09]

Whoops!! I think the last post was a bit of a spoiler!!

[b0r15]

^^That post is a little spoiler, but its coded wrong anyway. Your oh so close! Just check your Sql injector syntax.

[King4Free]

I have the list of email but I don't know what to do to complete this missions...
Perhaps my method is not exactly the best one... But it works...
Can someone help me to officially complete this mission?
Thank you

[Brandon1650]

this site should show you the basics of sql, which is what you need to beat realistic 4
http://www.codeproject.com/KB/database/sqlintenmin.aspx